lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <06ab01c643d2$a506d780$0100a8c0@nuclearwinter>
Date: Thu Mar  9 23:37:57 2006
From: fd at g-0.org (GroundZero Security)
Subject: For Sale: Security Vulnerability
	DatabaseCompany 

Noone takes a google group serious get a real domain.
the n3td3v thing is just a site thrown together so they can
put up adsense and make some cash. It looks totally unprofessional,
yet they claim its build from "software developers, international hackers, 
security researchers, online media journalists, system administrators, 
incident response professionals, top thinkers and security aware peoples"
and not even one of them has skills in html or even 10 bucks to buy a domain?
yeah right......... :-)
  ----- Original Message ----- 
  From: System Outage 
  To: full-disclosure@...ts.grok.org.uk 
  Sent: Thursday, March 09, 2006 10:14 PM
  Subject: Re: [Full-disclosure] For Sale: Security Vulnerability DatabaseCompany 


  Thats a complete exaduration actually, theres no query on the group that would come up with 5,000 results. The n3td3v group engine is pretty accurate, and displays perfect technical detail documentation, and additionally, (if required) can offer related and even off shoot background discussion into a particular vulnerability at the time of its disclosure. To say an ntp search would come up with 5,000 unrelated results is completely barbaric. I think the source to your hatred is with the founder ('n3td3v') rather than the group its self which offers a great resource to anyone in the security field. Of course, if you can provide conclusive evidence to the contrary, do get in touch with the list, providing indepth audit information relating to your claim.

  Valdis.Kletnieks@...edu wrote: 
    On Wed, 08 Mar 2006 05:46:03 PST, System Outage said:

    > Why would someone buy a security vulnerability database company? Theres
    > already free security vulnerability databases out there. Try this one I
    > recently found, you can search for anything you want http://groups.google.com/
    > group/n3td3v and its free.

    Geez. Somebody hand me a sharp wooden stake, a good mallet, and some garlic
    and holy water just in case... ;)

    I'm sure you can *search* for anything you want there. The value of a database
    is, however, directly related to its ability to return useful information.

    5,000 postings that all say "wow leet hole in ntp a few years ago" is worth
    nowhere near as much as one detailed technical posting of how that exploit
    leveraged a one-byte buffer overrun into a complete rooting of the box....





------------------------------------------------------------------------------
  Brings words and photos together (easily) with
  PhotoMail - it's free and works with Yahoo! Mail.


------------------------------------------------------------------------------


  _______________________________________________
  Full-Disclosure - We believe in it.
  Charter: http://lists.grok.org.uk/full-disclosure-charter.html
  Hosted and sponsored by Secunia - http://secunia.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060310/115840f6/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ