Re: why o why did NASA do this.

[GuidoZ <uberguidoz () gmail com>]

> I meant this outdated NASA e-mail list. I undestand that FD could be
> used for this purpose.
> (snip)
> You know me better than that GuidoZ .....lol

=) Yeah, I do. I wasn't sure if you were having a brain fart or something. lol

> The fact that NASA just hands you this information (outdated or not) is
> pretty sad. As I stated before it is free information leakage at best
> and because it is outdated it should be removed from public view. This
> could be used for social attacks and e-mail attacks. I don't think
> SPAMmers care about some 6 year old list but hackers would. Any
> information that they can get free of charge is just that much better.

Well said. It was finally removed from public view, though I'd imagine
quite a few saved it just in case (myself included). No, it's not some
perfect list for every malicious purpose, though it's certainly better
then nothing. Spammers really don't care if it's active or not - they
will still sell it. Social Engineering can go a long way though. It's
entirely possible someone that worked at NASA in 1996 would be there
still today. It's called a career. =)

--
Peace. ~G


On Tue, 19 Oct 2004 07:59:36 -0500, Todd Towles
<toddtowles () brookshires com> wrote:
> I meant this outdated NASA e-mail list. I undestand that FD could be
> used for this purpose.
>
> The fact that NASA just hands you this information (outdated or not) is
> pretty sad. As I stated before it is free information leakage at best
> and because it is outdated it should be removed from public view. This
> could be used for social attacks and e-mail attacks. I don't think
> SPAMmers care about some 6 year old list but hackers would. Any
> information that they can get free of charge is just that much better.
>
> You know me better than that GuidoZ .....lol
>
> > -----Original Message-----
> > From: GuidoZ [mailto:uberguidoz () gmail com]
> > Sent: Tuesday, October 19, 2004 1:24 AM
> > To: Todd Towles
> > Cc: full-disclosure () lists netsys com
> > Subject: Re: [Full-disclosure] why o why did NASA do this.
> >
> > > how would this list help me spam?
> >
> > Google your email address - then simply use a bot to gather
> > ALL the email addresses listed in the posts along with it. ;)
> > The sad fact is that the email addresses used to post to this
> > list (and any others like it) are freely there for the
> > taking. Plus, it's quite obvious they are active. (More
> > obvious then, say, email addies fro 1996?) ;)
> >
> > --
> > Peace. ~G
> >
> >
> > On Mon, 18 Oct 2004 11:02:00 -0500, Todd Towles
> > <toddtowles () brookshires com> wrote:
> > > Exactly as I stated eariler...this is just information
> > leakage...old
> > > as it might be, it helps...the people on the list are just
> > doing their
> > > jobs...getting paid and giving information to a employee that knows
> > > their name (and is higher in the company) seems harmless.
> > Spam isn't
> > > the issue with this information leakage, I can buy a CD
> > with 6 million
> > > e-mail address on it...how would this list help me spam?
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: full-disclosure-admin () lists netsys com
> > > > [mailto:full-disclosure-admin () lists netsys com] On Behalf Of
> > > > KF_lists
> > > > Sent: Monday, October 18, 2004 9:06 AM
> > > > To: Harry de Grote
> > > > Cc: full-disclosure () lists netsys com
> > > > Subject: Re: [Full-disclosure] why o why did NASA do this.
> > > >
> > > >
> > > > Forget about the spammers, how about social engineers.
> > This is quite
> > > > the gold mine for that.
> > > >
> > > > Hi this is Joe Schmoe from building 69 I need to have my password
> > > > reset.
> > > > -KF
> > > >
> > > >
> > > > > i have to admit... it's pretty old and useless, but i think
> > > > this may
> > > > > be a nice place for spammers to try out some new adresses...
> > > >
> > > > _______________________________________________
> > > > Full-Disclosure - We believe in it.
> > > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html