Security Incidents mailing list archives
Re: Something nasty
From: "Jay D. Dyson" <jdyson () TREACHERY NET>
Date: Wed, 6 Sep 2000 10:03:24 -0700
-----BEGIN PGP SIGNED MESSAGE----- On Wed, 6 Sep 2000, Adam Maloney wrote:
I think it's rather obvious that these people are trying to save time nmapping the whole internet so they'd rather just have clueless sales droids fill out the form that I presume would ask for what type/version of OS, what software is installed, etc. It would make compromising the box pretty easy.
As a person much wiser than I once said, "Sufficiently advanced stupidity is indistinguishable from malice." With that in mind, I'd opt more for cluelessness on the sender's part. With the various domains I've assisted in managing, inquiries like this are pretty common (and they usually want *free* shell accounts). Even so, I must admit this is the first time I've see such an inquiry accompanied by a URL. As it stands, there are a number of sites that offer loads of information on what ISPs offer shell accounts and whatnot. There are also lists of Freenets (many of which offer shell accounts) that can be readily found via Google, Yahoo and Altavista. All of these lists can be run past netcraft.com if the individual *truly* wanted to ID your webserver's OS (and most enterprise-wide webservers reflect the dominant OS in a given network). Judging from all the above, I'd say this is a benign "threat." If someone really wanted to scope out your network or OS, there are a great many methods that could be readily employed that wouldn't so easily put the potential intruder on your radar. - -Jay ( ______ )) .--- "There's always time for a good cup of coffee" ---. >===<--. C|~~| (>-------- Jay D. Dyson -- jdyson () treachery net --------<) | = |-' `--' `-- Encrypt as if your life depends on it. It does. --' `-----' -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBObZ459CClfiU/BIVAQFQZgQAhhWwXfnjEztu5DQFg8VCOi8CnZ0eL4H7 0xuHaMrMh2+Sa9Eu4tv7qN8nX90ZQ1nvfAOzqwKZKba62XbWrfVc4GW1vu6DEyE4 N+k0vn47Dmw5KQL8eI5MqLzoovwWuF3yhUe606uIx0UW7poH05kF+gV312HaWLOP oLGsB6XLxUM= =bIyl -----END PGP SIGNATURE-----
Current thread:
- Something nasty Adam Maloney (Sep 06)
- Re: Something nasty Jay D. Dyson (Sep 06)
- Re: Something nasty Rich Puhek (Sep 06)
- Re: Something nasty Gerhard den Hollander (Sep 07)