| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Mar 9 23:37:57 2006
From: fd at g-0.org (GroundZero Security)
Subject: For Sale: Security Vulnerability
DatabaseCompany
Noone takes a google group serious get a real domain.
the n3td3v thing is just a site thrown together so they can
put up adsense and make some cash. It looks totally unprofessional,
yet they claim its build from "software developers, international hackers,
security researchers, online media journalists, system administrators,
incident response professionals, top thinkers and security aware peoples"
and not even one of them has skills in html or even 10 bucks to buy a domain?
yeah right......... :-)
----- Original Message -----
From: System Outage
To: full-disclosure@...ts.grok.org.uk
Sent: Thursday, March 09, 2006 10:14 PM
Subject: Re: [Full-disclosure] For Sale: Security Vulnerability DatabaseCompany
Thats a complete exaduration actually, theres no query on the group that would come up with 5,000 results. The n3td3v group engine is pretty accurate, and displays perfect technical detail documentation, and additionally, (if required) can offer related and even off shoot background discussion into a particular vulnerability at the time of its disclosure. To say an ntp search would come up with 5,000 unrelated results is completely barbaric. I think the source to your hatred is with the founder ('n3td3v') rather than the group its self which offers a great resource to anyone in the security field. Of course, if you can provide conclusive evidence to the contrary, do get in touch with the list, providing indepth audit information relating to your claim.
Valdis.Kletnieks@...edu wrote:
On Wed, 08 Mar 2006 05:46:03 PST, System Outage said:
> Why would someone buy a security vulnerability database company? Theres
> already free security vulnerability databases out there. Try this one I
> recently found, you can search for anything you want http://groups.google.com/
> group/n3td3v and its free.
Geez. Somebody hand me a sharp wooden stake, a good mallet, and some garlic
and holy water just in case... ;)
I'm sure you can *search* for anything you want there. The value of a database
is, however, directly related to its ability to return useful information.
5,000 postings that all say "wow leet hole in ntp a few years ago" is worth
nowhere near as much as one detailed technical posting of how that exploit
leveraged a one-byte buffer overrun into a complete rooting of the box....
------------------------------------------------------------------------------
Brings words and photos together (easily) with
PhotoMail - it's free and works with Yahoo! Mail.
------------------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060310/115840f6/attachment.html
Powered by blists - more mailing lists