[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.33.0209101634560.6068-100000@cerber.no>
From: misha at cerber.no (Mikhail Iakovlev)
Subject: SecurityFocus.com unavailable...
Hello
I think this drastic measure is an overkill to the problem. Seems like
Securityfocus is just DDoS'ed, which any kid on planet in theory can
perform. Securing your boxes is another issue, and it should have been
done _before_ you put it on the net in the first place.
Strangely, none of my contacts (including known groups over long time)
ever heard of such group, neither about what you call "Black Boar".
It seems to me that someone is trying to advertise for some lowleve
script-kiddie which will than can tell all his friends - "Hey, th3y 4re
4fR4iD 0ff m3 0? tHaT m4iLiNg Li$T!!!Eye'm l33t!!!" etc etc in
g00bl3z n00bish style.
It could be after all as simple as securityfocus has some
problems with upgrades, or _their_ ISP in fact is under attack.
Maybe it happened as well because of Elias Levy was abroad last few days
(he held conference in Stockholm 3-4 days ago), and time for attack was
picked because of that. WHO KNOWS - there could be thousands of reasons
why securityfocus.com is down. Didn't we all experience it once in a while
with _your_ provider when the link is down or ISP DDoSed?
I seriously doubt that people from securityfocus.com have their boxes
THAT vulnerable and have not taken necessary measures against attacks like
what have been discussed here on linux kernel issues, etc.
There are plenty of tools, starting from LIDS, stack protection in
kernels, chrooted environments, specific OS tweaks you can do - up to
various anti-scanning/syncookies/firewall triggers, etc etc etc - that you
can use to protect yourself.
Expect unexpected, do your homework and intensive reading, than you should
be fine :)
And you don't even need to be a hardcore coder to be able to protect
yourself - your best friend is www.google.com, assuming you know what you
are looking for.
Cheers,
Mik-
On Tue, 10 Sep 2002 isergevsky@...hmail.com wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello again dear friends,
>
> My underground contacts have told me that the group I have been talking about ('Ac1dB1tch3z') is to be held responsible for the outage of secfocus within the last two weeks. Also, trustowrthy source which wills to remain anonymous, stated that Ac1dB1tch3z have recruited the Blue Boar and in fact he is behind all this. This twilight blackhat hacking group is making rounds already and people are fearly speaking about them. I think we should all secure our boxes as soon as possible. I myself am going to disconnect my box from internet until the storm passes.
>
> Yours Truly,
> Ivan
>
> >Neither have I. Strange, but all of their listserv traffic appe
> >ars to be
> >coming through just fine.
> >
> >>>-----Original Message-----
> >>>From: full-disclosure-admin@...ts.netsys.com
> >>>[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of
> >>>securityguru@...hmail.com
> >>>Sent: Monday, September 09, 2002 12:49 PM
> >>>To: full-disclosure@...ts.netsys.com
> >>>Subject: [Full-Disclosure] SecurityFocus.com unavailable...
> >>>
> >>>
> >>>
> >>>-----BEGIN PGP SIGNED MESSAGE-----
> >>>Hash: SHA1
> >>>
> >>>haven't been able to hit 'em ALL day.
> >>>
> >>>SG
> >>>-----BEGIN PGP SIGNATURE-----
> >>>Version: Hush 2.1
> >>>Note: This signature can be verified at https://www.hushtools
> >.com
> >>>
> >>>wmEEARECACEFAj180GgaHHNlY3VyaXR5Z3VydUBodXNobWFpbC5jb20ACgkQn
> >s+IF5jR
> >>>p673hQCfUWfTLuxnS3MTHd9VjQ/7x6suWRMAnilh3jq6MtMHfk2/Yom6MlMtu
> >EOf
> >>>=XsN/
> >>>-----END PGP SIGNATURE-----
> >>>
> >>>
> >>>
> >>>
> >>>Get your free encrypted email at https://www.hushmail.com
> >>>_______________________________________________
> >>>Full-Disclosure - We believe in it.
> >>>Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> >
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: Hush 2.1
> Note: This signature can be verified at https://www.hushtools.com
>
> wl8EARECAB8FAj19/KYYHGlzZXJnZXZza3lAaHVzaG1haWwuY29tAAoJEMfRnqqodk8T
> WqYAnjzW3nzRuQQ2XjVsPnLli3emyr/sAKCitvU23u0VSkXkVga2mQ+fEkVsDg==
> =gw8d
> -----END PGP SIGNATURE-----
>
>
>
>
> Get your free encrypted email at https://www.hushmail.com
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Powered by blists - more mailing lists