| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <72A32B2211AFF1458FCAE89F63BC537FB5E68E@miahcemail1.seqnt.com> Date: Wed May 25 18:06:09 2005 From: mlachniet at sequoianet.com (Lachniet, Mark) Subject: Not even the NSA can get it right Puhleeze, do you really think that tax funded organizations have nothing better to do? Government faces a continual battle for resources and time. Setting up a "honeypot" as putzy as this would take time and effort that could be much better spent. Are you sure it's the NSA that is paranoid? Mark Lachniet > -----Original Message----- > > lol are you guys joking? They wouldn't allow an xss bug on their > > website on purpose come on now. > > You're not devious enough. Remember that the *best* place to > put a honeypot is right out there in plain sight where it's > likely to attract > attention. So now they've grepped their Apache logs, and they've > added several dozen people to their "suspected script kiddie" list. > > (Remember - the NSA probably knows more about proper > airgapping than anybody. > All *those* webservers have on them is non-sensitive content, > so you can't actually *get* anything really interesting to > happen - in the NSA view of the world, "public website gets > defaced" isn't particularly interesting or noteworthy). > >
Powered by blists - more mailing lists