My $7000 Apple workstation, that has the same specs as my system at home that I paid $2000 for, doesn't get viruses! Apple store guy you were so right!
Also, you obviously show no knowledge about how Tor operates. You can block the exit nodes on the BL, however there are connections that make an exit connection that are not listed on the Tor exit node list.
Already done. I love how the Slashdot crowd loves to chime in. I guess you don't know what a RFI attack is all about. I'll fill you in: its just a standard HTTP request.
Thanks for your input though. It was very intelligent and extremely helpful.
Plus a blacklist for Tor is widely available. They could incorporate checking that IP address against the Tor BL to help prevent things like this.
Like I said, very unprofessional..
CERT Malaysia sent my VPS provider an "abuse" complaint because someone with a exploit scanning script decided to launch a RFI attack against a CERT Malaysia honeypot. CERT MY (what I will refer to them from now on) sent an automated complaint to my provider about this "attack". My provider's abuse department freaked out and suspended my server.
I emailed and used the reference number that was emailed to the abuse department to CERT MY. I've never seen such a level of technical ignorance. First, the IP address that was attacked, was omitted in the report. It was listed as "XXX.XXX.XXX" and after about six or so emails, they refused to give it to me or give me an IP address range for me to block in my firewall so I wouldn't get in trouble with them for hitting their honeypots.
I got nothing. They have the English skills of a 3 year old. My provider finally realized their lack of professionalism and unsuspended my server. These groups think they are doing something when actually, it's delusions of grandeur. Yes, listening for "new" attacks is great but sending out automated, unsolicited emails (doesn't that technically qualify as spam?) to providers without review is hardly security. If they had looked at my hostname on my VPS, they would have realized it was a Tor exit node (hostname: tor-exit-node.domain.com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear Sir,
According to our records, we do sent an alert to your ISP about the intrusion
attempt, and it was coming from the IP (omitted). It is not the issue of
whether we are using snort or what software, we have captured the intrusion
attempt, and we sent the alert to your ISP.
We understand you concern, providing anonymous and transparent browsing to all
of your user, but it have been abused, and you should do something about it. It
would not be a reason for us to whitelist TOR network from our system.
Hope your TOR network were up and running again now, and no such thing will
happen again in the future.
It's funny how they suggest I "do something" about it but fail to reveal their IP blocks or even the IP address of the sensor in question. They stopped responding to my emails after I told them I was going to email Jaring, their ISP, for sending out bulk spam and unsolicited emails to ISPs. Jaring never responded, so if you need to run a spam operation overseas, sign up with Jaring.
My Tor exit node is probably going to get DMCA takedown requests. I got one for "CSI: Miami Season 4" and CERT Malaysia said I was launching an attack against XXX.XXX.XXX but won't provide me an IP address or range to block. Silly DMCA folks!!!!
Slashdot Mirror
I promise I won't jump off the roof. The way the economy is and the price that Apple sells their products for, these could easily be made in America.
Nobody would care because it seems like the Twitter demographics are basically everyone who is still on Myspace but not on Facebook
http://www.adam4adam.com/?section=50&action=accept&profile_id=blazesf Daniel "Blaze" Spitler. The gay porn in the background should not be offensive to the Apple community
.. releasing a rubber casing to put around your phone due to the design flaw
May this innovation help people impulsively spend their money that they don't have
nuke norway plz
Torrent trackers have popped up all over the Netherlands from home 100Mbps users
... explains the Mac cult
Duh
I prefer Lamebook over Failblog any day of the week - I think Failblog is ran by autists and folks infected with Assbergers Syndrome.
How much gay porn can I store on Facebook if they have file sharing? My Mac is overloaded with gay porn
Lets see if a Mac can really get a virus ;-)
Will this unsuspecting guy access the child porn cache.. Hello my name is Chris Hansen and I am from NBC's "To Catch A Predator" please sit down
If it was running Apple hardware and Mac OS, it would cost about 10x more and be 10x slower than the Microsoft solution
My $7000 Apple workstation, that has the same specs as my system at home that I paid $2000 for, doesn't get viruses! Apple store guy you were so right!
I can see it now!
Twitter was used for something useful! Stop the presses!!!!
You can't. EOD
Also, you obviously show no knowledge about how Tor operates. You can block the exit nodes on the BL, however there are connections that make an exit connection that are not listed on the Tor exit node list.
Already done. I love how the Slashdot crowd loves to chime in. I guess you don't know what a RFI attack is all about. I'll fill you in: its just a standard HTTP request. Thanks for your input though. It was very intelligent and extremely helpful.
Plus a blacklist for Tor is widely available. They could incorporate checking that IP address against the Tor BL to help prevent things like this. Like I said, very unprofessional..
How can you agree in broken Engrish?
I run a Tor exit node on a VPS provider.
CERT Malaysia sent my VPS provider an "abuse" complaint because someone with a exploit scanning script decided to launch a RFI attack against a CERT Malaysia honeypot. CERT MY (what I will refer to them from now on) sent an automated complaint to my provider about this "attack". My provider's abuse department freaked out and suspended my server.
I emailed and used the reference number that was emailed to the abuse department to CERT MY. I've never seen such a level of technical ignorance. First, the IP address that was attacked, was omitted in the report. It was listed as "XXX.XXX.XXX" and after about six or so emails, they refused to give it to me or give me an IP address range for me to block in my firewall so I wouldn't get in trouble with them for hitting their honeypots.
I got nothing. They have the English skills of a 3 year old. My provider finally realized their lack of professionalism and unsuspended my server. These groups think they are doing something when actually, it's delusions of grandeur. Yes, listening for "new" attacks is great but sending out automated, unsolicited emails (doesn't that technically qualify as spam?) to providers without review is hardly security. If they had looked at my hostname on my VPS, they would have realized it was a Tor exit node (hostname: tor-exit-node.domain.com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear Sir,
According to our records, we do sent an alert to your ISP about the intrusion
attempt, and it was coming from the IP (omitted). It is not the issue of
whether we are using snort or what software, we have captured the intrusion
attempt, and we sent the alert to your ISP.
We understand you concern, providing anonymous and transparent browsing to all
of your user, but it have been abused, and you should do something about it. It
would not be a reason for us to whitelist TOR network from our system.
Hope your TOR network were up and running again now, and no such thing will
happen again in the future.
It's funny how they suggest I "do something" about it but fail to reveal their IP blocks or even the IP address of the sensor in question. They stopped responding to my emails after I told them I was going to email Jaring, their ISP, for sending out bulk spam and unsolicited emails to ISPs. Jaring never responded, so if you need to run a spam operation overseas, sign up with Jaring.
My Tor exit node is probably going to get DMCA takedown requests. I got one for "CSI: Miami Season 4" and CERT Malaysia said I was launching an attack against XXX.XXX.XXX but won't provide me an IP address or range to block. Silly DMCA folks!!!!
They talked about mandatory virus scan before you could login... brilliant!