From: vxdude2003 at yahoo.com (VX Dude)
Subject: win2kup2date.exe ?

Personally I think this thread is starting to get off
topic.  But I'd like to address a topic that got
brushed aside by this penis contest.

Viruses/Malware/Rogue Code on Full-Disclosure

I know this gets addressed every 2 months (you can
calibrate your NTP server by it).  But it's an issue
that should have some actual discussion on, and not
just waved off with a few remarks.

Since most of the people reading this know what
Full-disclosure is, I won't pretend that you don't.

How many times have we (the admins, the incident
response guys, and the help desk techs) had to respond
to a virus outbreak without any help from antivirus
companies?  Even when we pay them thousands of dollars
in support contracts, the best information we get is
"the definitions will be posted at so and so time".
Wouldn't it be nice for once if one admin sees
malware, and alerts everyone else?  So we know what
subject line and attachments to block?  Isn't this the
spirit of FD?

The "only trust the established antivirus
corporations" line of thinking is (to me) just like
saying "only vendors should release information about
bugs".  Am I alone in this thinking?

Shouldn't it become a standard FD practice to send the
list a copy of new malware that the "AV professionals"
haven't told us about?  How much of your security
budget could be saved if you weren't in the blind
about the viruses already hitting your networks?
Could FD style virus information be of help for those
first critical hours?

I have a sad feeling that I am alone about this.  If I
am, then I really pity you guys.

Stinny FranCisco, CISSP
Internet Sniper
eDefense Inc.


--- Nick FitzGerald <nick@...us-l.demon.co.uk> wrote:

> Bugtraq Security Systems wrote:
> 
> > Nick,
> > You're a moron, and a fake moron at that.  ...
> 
> Lessee -- "fake" means "not".
> 
> So, in case it is not already obvious to you, your
> statement thus 
> reduces to an outright contradiction.
> 
> What a surprise.
> 
> NOT!
> 
> I wonder who is the real moron here then?
> 
> > ...  If you had the clue god gave the
> > average scriptkiddie, ...
> 
> Fortunately, I have much more than that, as you have
> already, so 
> adroitly, proved.
> 
> Go crawl back under your rock...
> 
> > ... you'd kill yourself in shame at your own
> postings.
> 
> Following your example, perhaps?
> 
> > Cheers,
> > BUGTRAQ Security Systems
> > "If Nick FitzGerald had a brain cell for every bug
> we tracked, ...
> 
> Again, I am rather fortunate to weigh in
> considerably on the upside of 
> that equation...
> 
> > ... he'd be
> > smart and not an arrogant no-nothing like he is
> now."
> 
> ...so I should be considerably "smart" and
> considerably "not an 
> arrogant no-nothing" [sic], yet you then turn around
> and contradict 
> yourself again.
> 
> Fool -- if you're going to call folk names, at least
> decide what those 
> names will be before hitting send on a screw-up of a
> message such as 
> your last attempt...
> 
> 
> Regards,
> 
> Nick FitzGerald
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html
> 



		