lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 21 Jan 2012 10:42:12 +1100
From: GloW - XD <doomxd@...il.com>
To: Gage Bystrom <themadichib0d@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Facebook seems to think my Arch Linux box has
 malware on it

ya just cant please em all on here :P


On 21 January 2012 10:24, Gage Bystrom <themadichib0d@...il.com> wrote:
> Well I apologize if you consider a 'dns lookup' to be a buzz word. I also
> apologize if you are incapable of understanding intent without it being
> spelled out for you that I was stating what I would do if I had seen that
> and I suggest he do something similar.
>
> What's your problem with me being specific instead of being vague about the
> steps? The difference between your idiotic "Hollywood" script and what I
> actually said is that I put an ounce of thought into mine. If you have a
> problem with that I said then explain what's wrong with it instead of going
> about with an ad hominem fallacy.
>
> Speaking of contribution what the hell are you contributing with all of
> this? I gave some 'trite advice' as to what he could do and I framed it as
> what I would have done. What's so bad about that? If you can do nothing but
> bitch about how my advice and my phrasing makes me a horrible person than
> you might as well move on. I certainly know that's what I intend to do. Oh
> wait, you have a problem with people stating what they would do in a given
> situation, I'm sorry. I'll try to be more considerate next time.
>
> On Jan 20, 2012 3:10 PM, "James Condron" <james@...o-internet.org.uk> wrote:
>>
>> Yeah, you really weren't, you were telling us how you would have handled
>> it, with all the buzzwords and terms you could have thought of.
>>
>> Hell, I'm surprised you didn't manage to get the word 'synergy' in there.
>>
>> " I would do a dns lookup and then compare those results to that of a
>> public web service, and save the links for the AVs to check if they have any
>> malicious history associated with them."
>>
>> Reads like s bad Hollywood script
>>
>> "First I would ping the phone number and see if I could telnet to the
>> ICMP, then get the PTR of the MAC address and use an ARP overflow and spoof
>> the TTL of the Window Size and..." (etc. etc.)
>>
>> What are you suggesting; take a look at where the request is coming from
>> and make a decision based on that whether the software is being punted by
>> facebook or a third party?
>>
>> Fine- just say that; make your suggestion and get on with your life. Its a
>> little trite as advice goes, but if thats all you can contribute then go for
>> it.
>>
>> Coming in with your Marky-Mark talk of "First I'd get the first hijacker
>> and use his head to kill the second hijacker and then I'd be all like 'yeah,
>> lets land the plane here- let me drive'" is not very helpful
>>
>> On 20 Jan 2012, at 22:37, Gage Bystrom wrote:
>>
>> > What the hell are you talking about? I was just giving some advice on
>> > how he could check if it was legit or not if it happens again.
>> >
>> > What crawled up your ass and died this morning?
>> >
>> > On Jan 20, 2012 2:21 PM, <james@...o-internet.org.uk> wrote:
>> > You should tell us what you would have done had you been on one of the
>> > hijacked sept 11 planes.
>> >
>> > Bet things would have gone down different then, amiright?
>> >
>> > Sent from my BlackBerry® wireless device
>> >
>> > -----Original Message-----
>> > From: Gage Bystrom <themadichib0d@...il.com>
>> > Sender: full-disclosure-bounces@...ts.grok.org.uk
>> > Date: Fri, 20 Jan 2012 13:29:01
>> > To: Wesley Kerfoot<wjak56@...il.com>;
>> > full-disclosure@...ts.grok.org.uk<full-disclosure@...ts.grok.org.uk>
>> > Subject: Re: [Full-disclosure] Facebook seems to think my Arch Linux box
>> > has
>> >  malware on it
>> >
>> > _______________________________________________
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ