[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <02d001c6554f$84c3ce40$6701a8c0@desktop>
Date: Sat Apr 1 06:45:03 2006
From: htregz at aoaddicts.net (HTRegz)
Subject: n3td3v group calls on RSA to clarify theirstance
While I?m not normally one to reply to this list? I can?t stand to see this
go on any further. Don?t expect another response as I don?t have the time
(other than late Friday night) to sit and respond to this drivel..
n3td3v:
How do you figure on this single user Microsoft Windows XP computer??
Last time I checked Windows XP was a multi-user environment? Also? if it?s
not a botnet it must be Windows? that?s a rather childish thought?. Also a
botnet has negative connotations.. That is to say, it?s a group of PCs under
the control of a single individual or group. This group of PCs (Zombies) are
used mostly for illegal purposes, or on IRC networks (different sort of
botnet? where the name was derived from).
What makes you think that RSA has a single IP? that?s a pretty foolhardy
belief. They aren?t some kid on a cable modem. In fact, a quick search of
ARIN, assuming only RSA Security shows they have several net blocks
---SNIP---
RSA Security Inc. RSA-SECURITY-C1 (NET-192-80-211-0-1) 192.80.211.0 -
192.80.211.255
RSA Security Inc. RSA-SECURITY (NET-216-162-240-0-1) 216.162.240.0 -
216.162.255.255
RSA Security Inc. UU-63-84-35-192-D4 (NET-63-84-35-192-1) 63.84.35.192 -
63.84.35.223
RSA SECURITY UU-65-216-28-32-D7 (NET-65-216-28-32-1) 65.216.28.32 -
65.216.28.39
RSA SECURITY UU-65-214-232-56-D3 (NET-65-214-232-56-1) 65.214.232.56 -
65.214.232.63
RSA Security UU-65-221-107 (NET-65-221-107-0-1) 65.221.107.0 -
65.221.107.255
Rsa Security Inc SBC066123220136030905 (NET-66-123-220-136-1) 66.123.220.136
- 66.123.220.143
RSA Security, Inc. QWEST-IAD-RSA1 (NET-63-150-186-0-1) 63.150.186.0 -
63.150.186.255
RSA Security, Inc. QWEST-IAD-RSA (NET-66-77-65-208-1) 66.77.65.208 -
66.77.65.223
---SNIP---
The odds are that others involved in this will contribute machines on their
networks.. and that RSA owns blocks not listed above? servers setup on these
blocks running the software will submit information to the pages? This is
not a botnet? If this is a botnet then the worlds SMTP servers are a huge
botnet? oh yeah and the Root DNS servers must be a botnet?
We?re not asking a lot here.. just that you think a little and approach this
from at least somewhat of a technical understanding?
Others have already pointed out why this will work from a banks
point-of-view and others on why phishers are not automated? I?m now showing
you why this isn?t some big illegal botnet? and how it?s a completely legal
operation?. I?d bet that by inviting hackers? RSA is saying run the
software? Think of it as distributed computing? Is that a big illegal botnet
as well??
Peace,
HT
_____
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of n3td3v
Sent: Friday, March 31, 2006 11:50 PM
To: Morning Wood; full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] n3td3v group calls on RSA to clarify
theirstance
If the RSA aren't using a bot network, then are you suggesting they are
sending garbage data from one single user Microsoft Windows XP computer....
to all the worlds phishing logins? Wake up mr se cur ity at hotmail dot com
On 4/1/06, Morning Wood <HYPERLINK
"mailto:se_cur_ity@...mail.com"se_cur_ity@...mail.com> wrote:
>*while RSA are carrying out these attacks, is it legally OK for hackers to
>"HELP OUT" the RSA by pointing a few of our bot net's at some Yahoo and
>eBay
>fake login web pages that we know about and feed them with fake username
>and
>password data. We don't want to end up in jail, but since the RSA are doing
>it, so we can tell our lawyers that the RSA recommended the tactic to us.*
>*Much regards,*
>*n3td3v international security group*
so... the "n3td3v group" has "a few [of our ] botnets" did I hear this
right? ( *blink* )
somehow I dont think RSA is using "botnets", which BTW are ILLEGAL in *most*
countries
( yes, including your precious UK )
I just want to thank the biggest security group ( lol ) for using teh
botz!!!
I am sure Yahoo-Inc, Google, EBay, Microsoft and FooBarBlehCo will thank
you publicly on CNN so we will know how n3td3v group saved us all with
botnets!!!
thanks b0td3v gr0upz,
MW
_______________________________________________
Full-Disclosure - We believe in it.
Charter: HYPERLINK
"http://lists.grok.org.uk/full-disclosure-charter.html"http://lists.grok.org
.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - HYPERLINK
"http://secunia.com/"http://secunia.com/
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.3.3/298 - Release Date: 3/30/2006
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.3.3/298 - Release Date: 3/30/2006
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060401/b30ae0f8/attachment.html
Powered by blists - more mailing lists