| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4A5E29D9.3070706@csuohio.edu> Date: Wed, 15 Jul 2009 15:11:21 -0400 From: Michael Holstein <michael.holstein@...ohio.edu> To: "Tomas L. Byrnes" <tomb@...neit.net> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Ant-Sec - We are going to terminateHackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered > That site has already been pwned by the DEA, so if you go there, > expect to be logged and contacted. > I doubt that .. for several reasons. 1. The DEA likes to announce their successes, so there'd be a press release about it. 2. Junk like that is in places like 4chan, et.al. all the time .. just to make k1dd13s crap their pants. 3. Google of the hostname provides no links to actual drug sales at all .. just a bunch of IRC chat logs. If it actually had been used for that, it'd be in tons of spam links. 4. Hosting provider is Linode.com, a VPS colo. 5. The "real" DEA banner (http://www.usdoj.gov/dea/dea_banner.jpg) was edited with Photoshop to produce the one on that site : "wget -proxy=on -O - http://narc.oti.cz/dea_banner.jpg |strings |head -3" JFIF Ducky Adobe But as always .. click on links in email at your own risk. Use TOR+wget if you want to be careful. Cheers, Michael Holstein Cleveland State University _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists