[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <D8F145F0-14D1-403B-9D34-659F46035E5B@zero-internet.org.uk>
Date: Fri, 20 Jan 2012 23:10:04 +0000
From: James Condron <james@...o-internet.org.uk>
To: Gage Bystrom <themadichib0d@...il.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Facebook seems to think my Arch Linux box has
malware on it
Yeah, you really weren't, you were telling us how you would have handled it, with all the buzzwords and terms you could have thought of.
Hell, I'm surprised you didn't manage to get the word 'synergy' in there.
" I would do a dns lookup and then compare those results to that of a public web service, and save the links for the AVs to check if they have any malicious history associated with them."
Reads like s bad Hollywood script
"First I would ping the phone number and see if I could telnet to the ICMP, then get the PTR of the MAC address and use an ARP overflow and spoof the TTL of the Window Size and..." (etc. etc.)
What are you suggesting; take a look at where the request is coming from and make a decision based on that whether the software is being punted by facebook or a third party?
Fine- just say that; make your suggestion and get on with your life. Its a little trite as advice goes, but if thats all you can contribute then go for it.
Coming in with your Marky-Mark talk of "First I'd get the first hijacker and use his head to kill the second hijacker and then I'd be all like 'yeah, lets land the plane here- let me drive'" is not very helpful
On 20 Jan 2012, at 22:37, Gage Bystrom wrote:
> What the hell are you talking about? I was just giving some advice on how he could check if it was legit or not if it happens again.
>
> What crawled up your ass and died this morning?
>
> On Jan 20, 2012 2:21 PM, <james@...o-internet.org.uk> wrote:
> You should tell us what you would have done had you been on one of the hijacked sept 11 planes.
>
> Bet things would have gone down different then, amiright?
>
> Sent from my BlackBerry® wireless device
>
> -----Original Message-----
> From: Gage Bystrom <themadichib0d@...il.com>
> Sender: full-disclosure-bounces@...ts.grok.org.uk
> Date: Fri, 20 Jan 2012 13:29:01
> To: Wesley Kerfoot<wjak56@...il.com>; full-disclosure@...ts.grok.org.uk<full-disclosure@...ts.grok.org.uk>
> Subject: Re: [Full-disclosure] Facebook seems to think my Arch Linux box has
> malware on it
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists