lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.33.0209101634560.6068-100000@cerber.no>
From: misha at cerber.no (Mikhail Iakovlev)
Subject: SecurityFocus.com unavailable...

Hello

I think this drastic measure is an overkill to the problem. Seems like 
Securityfocus is just DDoS'ed, which any kid on planet in theory can 
perform. Securing your boxes is another issue, and it should have been 
done _before_ you put it on the net in the first place.

Strangely, none of my contacts (including known groups over long time) 
ever heard of such group, neither about what you call "Black Boar".
It seems to me that someone is trying to advertise for some lowleve 
script-kiddie which will than can tell all his friends - "Hey, th3y 4re 
4fR4iD 0ff m3 0? tHaT m4iLiNg Li$T!!!Eye'm l33t!!!" etc etc in 
g00bl3z n00bish style.

It could be after all as simple as securityfocus has some 
problems with upgrades, or _their_ ISP in fact is under attack.
Maybe it happened as well because of Elias Levy was abroad last few days 
(he held conference in Stockholm 3-4 days ago), and time for attack was 
picked because of that. WHO KNOWS - there could be thousands of reasons 
why securityfocus.com is down. Didn't we all experience it once in a while 
with _your_ provider when the link is down or ISP DDoSed?

I seriously doubt that people from securityfocus.com have their boxes 
THAT vulnerable and have not taken necessary measures against attacks like 
what have been discussed here on linux kernel issues, etc.
There are plenty of tools, starting from LIDS, stack protection in 
kernels, chrooted environments, specific OS tweaks you can do - up to 
various anti-scanning/syncookies/firewall triggers, etc etc etc - that you 
can use to protect yourself. 

Expect unexpected, do your homework and intensive reading, than you should 
be fine :)

And you don't even need to be a hardcore coder to be able to protect 
yourself - your best friend is www.google.com, assuming you know what you 
are looking for.

Cheers,

Mik-

On Tue, 10 Sep 2002 isergevsky@...hmail.com wrote:

> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hello again dear friends,
> 
> My underground contacts have told me that the group I have been talking about ('Ac1dB1tch3z') is to be held responsible for the outage of secfocus within the last two weeks. Also, trustowrthy source which wills to remain anonymous, stated that Ac1dB1tch3z have recruited the Blue Boar and in fact he is behind all this. This twilight blackhat hacking group is making rounds already and people are fearly speaking about them. I think we should all secure our boxes as soon as possible. I myself am going to disconnect my box from internet until the storm passes.
> 
> Yours Truly,
> Ivan
> 
> >Neither have I. Strange, but all of their listserv traffic appe
> >ars to be
> >coming through just fine.
> >
> >>>-----Original Message-----
> >>>From: full-disclosure-admin@...ts.netsys.com
> >>>[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of
> >>>securityguru@...hmail.com
> >>>Sent: Monday, September 09, 2002 12:49 PM
> >>>To: full-disclosure@...ts.netsys.com
> >>>Subject: [Full-Disclosure] SecurityFocus.com unavailable...
> >>>
> >>>
> >>>
> >>>-----BEGIN PGP SIGNED MESSAGE-----
> >>>Hash: SHA1
> >>>
> >>>haven't been able to hit 'em ALL day.
> >>>
> >>>SG
> >>>-----BEGIN PGP SIGNATURE-----
> >>>Version: Hush 2.1
> >>>Note: This signature can be verified at https://www.hushtools
> >.com
> >>>
> >>>wmEEARECACEFAj180GgaHHNlY3VyaXR5Z3VydUBodXNobWFpbC5jb20ACgkQn
> >s+IF5jR
> >>>p673hQCfUWfTLuxnS3MTHd9VjQ/7x6suWRMAnilh3jq6MtMHfk2/Yom6MlMtu
> >EOf
> >>>=XsN/
> >>>-----END PGP SIGNATURE-----
> >>>
> >>>
> >>>
> >>>
> >>>Get your free encrypted email at https://www.hushmail.com
> >>>_______________________________________________
> >>>Full-Disclosure - We believe in it.
> >>>Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> >
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> 
> -----BEGIN PGP SIGNATURE-----
> Version: Hush 2.1
> Note: This signature can be verified at https://www.hushtools.com
> 
> wl8EARECAB8FAj19/KYYHGlzZXJnZXZza3lAaHVzaG1haWwuY29tAAoJEMfRnqqodk8T
> WqYAnjzW3nzRuQQ2XjVsPnLli3emyr/sAKCitvU23u0VSkXkVga2mQ+fEkVsDg==
> =gw8d
> -----END PGP SIGNATURE-----
> 
> 
> 
> 
> Get your free encrypted email at https://www.hushmail.com
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ