lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 10 Oct 2011 23:31:35 +0000
From: Michael Schmidt <mschmidt@...gstore.com>
To: "'secn3t@...il.com'" <secn3t@...il.com>, Daniel Sichel
	<daniels@...derosatel.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Wipe off, rub out, reappear...

If its bot net code and it is behind an air barrier then it will never phone home. They can take their time to kill it because it will never get instructions to do anything. If it's something more destructive then maybe they need to call in someone more experienced. But it does not sound destructive and it does sound like it is on a disconnected network.

From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of xD 0x41
Sent: Monday, October 10, 2011 3:53 PM
To: Daniel Sichel
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] Wipe off, rub out, reappear...

I will say, with Botnets, and bots in general, i dont see much talented people on FD... although, seems many can decrypt them, so, makes me wonder , it is a train-of-thought also, i guess this is where hat colors take control.. black hats would say, go read some bot src and wake up FD, while white hats would say, "but we can just kill it anyhow...' "oh, we decrypted it"... etc...
another pintless neverneding arguement..


On 11 October 2011 07:22, Daniel Sichel <daniels@...derosatel.com<mailto:daniels@...derosatel.com>> wrote:
Somebody posted the following;

> I'm just curious to these questions. It's strange to hear someone
> saying "we basically have no idea what's going on".****
>

Doesn't sound funny to me, happens to me all the time. That's how I
learn.

Dan S.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ