Full Disclosure mailing list archives
1. Think 2. Post (write it down)
From: full-disclosure () lists netsys com (full-disclosure () lists netsys com)
Date: Fri, 16 Aug 2002 02:02:30 -0700
On Thu, 15 Aug 2002, Anodyne Perspective wrote:
Sure, more than an idle threat to you, but only because you waited too long to mitigate or prevent the usability or an exploit on your systems,
That implies the vulnerability used against him can be mitigated. You make a big assumption here.
or you didn't prevent remote/networked access prior to now.
Well, in this case, you need to disconnect any and all machines you are responsible for from the Net right now. Kay? Make sure and prevent networked access to them. Another assumption you make is that he didn't _need_ his system to be networked or remotely accessible. You have no real idea why his machine was networked.
What's new about this? What's especially scary? Nothing.
You don't really have any idea. It could be the next apache or ssh exploit or it could be a Sendmail bug from 1993. However, when you go making assumptions, you do blackhats a bit favor. By the way, in case Ron is reading this "GO BLACKHATS!!"
These kids are full of piss and wind.
Hmm. It would seem the are also full of exploits, too. "Piss and wind" implies all talk no action. Obviously they have a little more going than that or our home-boy here wouldn't have an 0wned machine, now would he? Another one of your assumptions gone horribly wrong, and easily preventable with about two seconds of rational thought.
Increasing age prevents an inexhaustible supply of them.
Nah, I'm pretty old. I'd consider myself a blackhat. Although I don't go around 0wning people or commiting felonies. I guess I'll just never grow up and "learn" the merits of being a whitehat. I work for the man, and I pay the bills by writing code. However, the difference between me and most of the hypocrites on this list is that I don't try to rationalize what I'm doing with some false sense of "ethics". I work for the money, doing insignificant crappy code for a big fat corporation. If they go out of business, I'm probably screwed. However, the PHC dudes aren't going to facilitate that. Neither are any other group of hackers.
Humor them.
Hell yeah! That's the spirit! Just think what they could do with full access to an HF research lab. Yeah, yeah, Let's go over to Stewart's house and burn something!
It's funny to watch them rant about the coming apocalypse of blackhat justice.
You like that too? Maybe you are not as vile as I thought. aliver
Current thread:
- more than idle threats I'm afraid full-disclosure () lists netsys com (Aug 15)
- more than idle threats I'm afraid Anodyne Perspective (Aug 15)
- 1. Think 2. Post (write it down) full-disclosure () lists netsys com (Aug 16)
- 1. Think 2. Post (write it down) Anodyne Perspective (Aug 16)
- 1. Think 2. Post (write it down) full-disclosure () lists netsys com (Aug 16)
- <Possible follow-ups>
- more than idle threats I'm afraid full-disclosure () lists netsys com (Aug 16)
- more than idle threats I'm afraid Anodyne Perspective (Aug 16)
- more than idle threats I'm afraid Anodyne Perspective (Aug 15)