lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <C65F3DEE-7643-4324-8F7B-3397AA6797EB@sabahattin-gucukoglu.com>
Date: Fri, 10 Jun 2011 11:55:07 +0100
From: Sabahattin Gucukoglu <mail@...ahattin-gucukoglu.com>
To: Ben <ben@...owel.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Full-Disclosure Digest, Vol 76, Issue 12

On 10 Jun 2011, at 01:11, Ben wrote:
> While email filters are there for the using, me and a buddy created a
> website for this exact purpose. I have not advertised it because it is still
> a work in progress (very much so), however it is mostly functional. There
> are still several features I wish to add.
> 
> The website grabs information from multiple sources like full disclosure and
> bugtraq and allows you to create keywords to get alerted on, and only a
> message containing the keyword will be sent to you. As a value added feature
> of the website, we also offer an RSS feed if you'd rather consume RSS
> instead of email. The RSS feed will only contain entries that match your
> keywords. Since I don't approve of people spamming links on this mailing
> list I will refrain from providing a URL in this message, but if you are
> interested in seeing the website just reply to me and I'll send you the URL.

Sure, I'll have a look, but I think you need two very important features if you don't have them yet:
* Message de-duplication, to avoid duplicates caused by crossposts.
* Default include, so the keyword list is an inverse, not an only-if-match.

My rules would look like:
- sql inject
- php
- csrf
- iaa
- binary plant
+ *

The difficulty with email is that the posts don't often clearly indicate what they are in headers.  If they did, they'd be easily trashable.  Still, I'll give some more thorough and reversible filtering a try.

Cheers,
Sabahattin

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ