[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAM2Hf5=QFr2Lw-vnbZAQzYNb2WRj_qq75Q=u=pHsZ6GwMnjqNg@mail.gmail.com>
Date: Fri, 20 Jan 2012 15:24:58 -0800
From: Gage Bystrom <themadichib0d@...il.com>
To: James Condron <james@...o-internet.org.uk>,
"full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Facebook seems to think my Arch Linux box has
malware on it
Well I apologize if you consider a 'dns lookup' to be a buzz word. I also
apologize if you are incapable of understanding intent without it being
spelled out for you that I was stating what I would do if I had seen that
and I suggest he do something similar.
What's your problem with me being specific instead of being vague about the
steps? The difference between your idiotic "Hollywood" script and what I
actually said is that I put an ounce of thought into mine. If you have a
problem with that I said then explain what's wrong with it instead of going
about with an ad hominem fallacy.
Speaking of contribution what the hell are you contributing with all of
this? I gave some 'trite advice' as to what he could do and I framed it as
what I would have done. What's so bad about that? If you can do nothing but
bitch about how my advice and my phrasing makes me a horrible person than
you might as well move on. I certainly know that's what I intend to do. Oh
wait, you have a problem with people stating what they would do in a given
situation, I'm sorry. I'll try to be more considerate next time.
On Jan 20, 2012 3:10 PM, "James Condron" <james@...o-internet.org.uk> wrote:
> Yeah, you really weren't, you were telling us how you would have handled
> it, with all the buzzwords and terms you could have thought of.
>
> Hell, I'm surprised you didn't manage to get the word 'synergy' in there.
>
> " I would do a dns lookup and then compare those results to that of a
> public web service, and save the links for the AVs to check if they have
> any malicious history associated with them."
>
> Reads like s bad Hollywood script
>
> "First I would ping the phone number and see if I could telnet to the
> ICMP, then get the PTR of the MAC address and use an ARP overflow and spoof
> the TTL of the Window Size and..." (etc. etc.)
>
> What are you suggesting; take a look at where the request is coming from
> and make a decision based on that whether the software is being punted by
> facebook or a third party?
>
> Fine- just say that; make your suggestion and get on with your life. Its a
> little trite as advice goes, but if thats all you can contribute then go
> for it.
>
> Coming in with your Marky-Mark talk of "First I'd get the first hijacker
> and use his head to kill the second hijacker and then I'd be all like
> 'yeah, lets land the plane here- let me drive'" is not very helpful
>
> On 20 Jan 2012, at 22:37, Gage Bystrom wrote:
>
> > What the hell are you talking about? I was just giving some advice on
> how he could check if it was legit or not if it happens again.
> >
> > What crawled up your ass and died this morning?
> >
> > On Jan 20, 2012 2:21 PM, <james@...o-internet.org.uk> wrote:
> > You should tell us what you would have done had you been on one of the
> hijacked sept 11 planes.
> >
> > Bet things would have gone down different then, amiright?
> >
> > Sent from my BlackBerry® wireless device
> >
> > -----Original Message-----
> > From: Gage Bystrom <themadichib0d@...il.com>
> > Sender: full-disclosure-bounces@...ts.grok.org.uk
> > Date: Fri, 20 Jan 2012 13:29:01
> > To: Wesley Kerfoot<wjak56@...il.com>; full-disclosure@...ts.grok.org.uk<
> full-disclosure@...ts.grok.org.uk>
> > Subject: Re: [Full-disclosure] Facebook seems to think my Arch Linux box
> has
> > malware on it
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists