lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <1248438828.3747.1.camel@jatoba>
Date: Fri, 24 Jul 2009 09:33:48 -0300
From: Ulisses Reina Montenegro de Albuquerque <ulisses.montenegro@...ar.org.br>
To: Danila Wartho <compsecguy@...mail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Slashdot hacked?

How can one work as a CISSP? Please enlighten us, as it seems you get
God-almighty-like superpowers when you manage to land on a job like
that. Myself, I'm still a "Not a CISSP".

http://www.veracode.com/blog/2008/04/not-a-cissp/


On Thu, 2009-07-23 at 23:24 +0000, Danila Wartho wrote:
> Hello Valter,
> 
> > To: compsecguy@...mail.com
> > CC: full-disclosure@...ts.grok.org.uk
> > Subject: Re: [Full-disclosure] Slashdot hacked?
> > From: Valdis.Kletnieks@...edu
> > Date: Thu, 23 Jul 2009 18:23:57 -0400
> > 
> > On Thu, 23 Jul 2009 21:47:42 -0000, Compsec Guy said:
> > 
> > > What's wrong with Slashdot today?
> > 
> > Oh my ghod, it's full of jews!!
> > 
> 
> I don't see what the point is in pulling in the Germans in this
> discussion..
> 
> 
> > (Hint: Before posting to a worldwide list asking what's wrong with a
> site,
> > a few things to check:
> > 
> > 0) Wait at least 5-10 minutes to make sure it's not a short-lived
> issue that
> > will be fixed before people have a chance to read your mail. Go have
> a beer,
> > or a cookie, or something else age-appropriate. It will probably be
> better by
> > the time you get back.
> 
> 
> The reverse should also apply.
> Now, did you wait 5-10 minutes to see if it was really hacked?
> 
> 
> > 1) Ask a friend (preferably in another country, or at least a
> different ISP)
> > whether they see the issue as well.
> 
> 
> I work as a CISSP at an ISP. I know how these things works. You're out
> of control, man!
> 
> 
> > 2) Describe any steps you've taken to verify the problem isn't at
> your end.
> > For instance, if you're using somebody else's wireless connection,
> maybe this
> > happened to you:
> http://www.ex-parrot.com/pete/upside-down-ternet.html
> 
> 
> There's no need. As I said, I'm a CISSP.
> Now you get back to school, seems as if you still got stuff to learn
> about how the Internet works.
> 
> 
> > 3) Bill Joy's Law of Demos: "Never precede a demo with anything more
> > predictive than 'Watch This!'". When reporting a problem, don't do
> that.
> > Give at least a rough idea of what you are observing - site times
> out,
> > connection refused, connects but no pages returned, all pages have
> either
> > goatse or n3td3v pictures on them, etc...
> 
> 
> You've got an attitude problem. I'm sorry, but you need help. 
> 
> 
> > For the record, it looks fine from here (at least the front page)
> > 
> > Latest story posted:
> > 
> > Ask Slashdot: How To Vet Clever Ideas Without Giving Them Away? on
> Thursday July 23, @06:00PM
> > Posted by timothy on Thursday July 23, @06:00PM
> > from the don't-clever-ideas-want-to-be-free? dept. 
> > 
> > So what do you *think* the problem is?
> 
> 
> You tell me.
> 
> 
>  - Danila
> 
> 
> 
> 
> ______________________________________________________________________
> Inte bara e-post - Windows LiveT är mycket mer än din inkorg. Mer än
> bara meddelanden 
> 
> 
> -- 
> .: ANTI-SPAM C.E.S.A.R :.
> Esta mensagem foi automaticamente classificada como LEGÍTIMA
> Se você acredita que É SPAM clique aqui
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-- 
Ulisses Montenegro <ulisses.montenegro@...ar.org.br>
Engenheiro de Sistemas
Centro de Estudos e Sistemas Avançados do Recife
http://www.cesar.org.br/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ