I would both use the common tools found in the skript kiddie world, and actual skills in auditing a site. I would (however) use a "throw-away" box to do that from, just in case there were trojans in the code. ;-)
If I could afford it, I would have the box, and the "victim" be on a private network, to prevent any "calling home" from being done.
Recently my mozilla address was gathered for spam. But it wasn't my real address, so it was easy to drop.
That is exactly why I run my own email server. I'm still in the process of moving everything over, but then, I can see where the spam is coming from, and inform list owners, and take action against the spammers.
Yea, but when only 3 people purchase the software, and you have 750,000 users.....there's a problem.
ICANN has already specified this, in RFC-2870. [http://www.isi.edu/in-notes/rfc2870.txt]
/quote/
2.3 At any time, each server MUST be able to handle a load of requests for root data which is three times the measured peak of such requests on the most loaded server in then current normal conditions. This is usually expressed in requests per second. This is intended to ensure continued operation of root services should two thirds of the servers be taken out of whether by intent, accident, or malice.
/quote/
I think that is the guarantee.
the book was written in 1976. the book came first. betcha didn't know that! ;-)
bilbo did think like that. gandalf forced him out, and "tricked" (not the best word, but the most appropriate one that comes to mind) him into going with the dwarfs.
in the book greedo pulls his gun, but han is a much faster shot, and kills greedo before he gets a shot off.
Yes The Register is UK based, but the reporter who reported this is based in the US. See the top of the article: "Thomas C Green in Washington". That's in reference to Washington DC, USA.
iMacs are aimed at Joe-I-just-wanna-browse-the-damn-web. They don't even know what a PCI card is, let alone know how to install one.
I just bought a Powerbook G4, and that has a type I/II PCMCIA slot. But since the Powerbook has a 56-k modem, and a 10/100/1000-baseT ethernet slot already built in, what would you put in it?
I'm an Eagle Scout, and at every job interview I have gone to, I have had to explain what it meant/entailed. It doesn't seem like it's such a good thing anymore. :-(
*cough* plan for ffxi/xii *cough*
heh...i only abused it once....the day before graduation, after everything was verified...;-)
i did the same thing (run the school's computers) and did the same thing (graduate with perfect attendance) ;-)
with few exceptions: lame-ass names are banned, they go through a "lameness" filter, and if a gm doesn't like your name, depending on the gm, you can be deleted, or required to change your name.
pking ONLY works on servers with that on, and you can only loot the coins on a pvp server.
they now don't require a credit card, at compusa, you can buy a 90 day card for USD$30 (same rate as credit card).
I agree, that I like the single player games (mostly because my roommates download mp3's and divx movies all the time) and cause i can pause the single player games. save and come back is another great feature. and sometimes, dammit, i wanna cheat, just so i can blow stuff up. not for normal playing mind, just shoot all of the aliens and slaughter the cpu/ai to relieve stress.
Do you live in California? You can't even smoke there! ;-)
3
and we don't claim to be using the same currency.
*sigh*, 192.168.x.x is private bandwidth. that's not a real static ip (I get 4 STATIC for free with my dsl, and i'm upgrading to 8 for $12/month (3 roommates, and several servers))
you damn right....i got soul reaver:legacy of kain a few months ago, and i couldn't put it down. i only interrupted my soul reaving by getting a new computer, firewall and DSL within a month. but once i get my system working (to my specs) i'm gonna beat kain like a little bitch.
that's what i figured, but i wanted to test that anyways. i'm surprised that everyone didn't check the glob() code the last time a similar bug came out. (IIRC, THIS exploit was deemed hypothetical-not-exploitable back in April. If an attack is hypothetical, then it WILL be exploited.)
yes it is immoral. that is what we like to call "theft". if i let you borrow my car, and you keep it, you can't use the "possession is 9/10th of the law" excuse. it's still mine. if you purchase an upgrade then hack it to make it a full version, that is still theft.
granted, that was dumb on apple's part to include the full version on an upgrade cd, but that's their call
ftp@/usr/libexec> uname -a
OpenBSD phobos 3.0 GENERIC#94 i386
ftp@/usr/libexec> ftp localhost
Connected to localhost.
220 localhost. FTP server (Version 6.5/OpenBSD) ready.
Name (localhost:ftp): ftp
331 Password required for ftp.
Password:
230- OpenBSD 3.0 (GENERIC) #94: Thu Oct 18 14:48:27 MDT 2001
230-
230- Welcome to OpenBSD: The proactively secure Unix-like operating system.
230-
230- Please use the sendbug(1) utility to report bugs in the system.
230- Before reporting a bug, please try to reproduce it with the latest
230- version of the code. With bug reports, please try to ensure that
230- enough information to reproduce the problem is enclosed, and if a
230- known fix for it exists, include that as well.
230-
230 User ftp logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls ~{
229 Entering Extended Passive Mode (|||36864|)
150 Opening ASCII mode data connection for '/bin/ls'.
total 10
-rw-r--r-- 1 ftp ftp 769 Nov 26 11:09 .cshrc
-rw-r--r-- 1 ftp ftp 318 Nov 26 11:09 .login
-rw-r--r-- 1 ftp ftp 105 Nov 26 11:09 .mailrc
-rw-r--r-- 1 ftp ftp 201 Nov 26 11:09 .profile
-rw------- 1 ftp ftp 128 Nov 26 11:09 .rhosts
226 Transfer complete.
ftp>
Quoted from The Register:
"The hole is the result of a programming error in the portion of WU-FTPd that processes file names containing special characters. BindView's Matt Power discovered in April that the server would crash if presented with the file name '~{', but the program's maintainers believed the bug could not be exploited. "
URL for the article is http://www.theregister.co.uk/content/4/23082.html
I signed up for all of the security focus mailing lists, in digest format. I scan the subjects on everyone, and read the messages that I use/care about. BugTraq is a mailing list, I don't think there can be a slashbox for mailing lists.
Look at the BUGTRAQ advisory. ;-) http://aris.securityfocus.com/alerts/wuftpd/ is quite useful. It looks like it's a run-of-the-mill buffer overflow. There are currently no IDS sigs that can detect it (but I'm sure that will change as soon as I post this.) If you can, disable anonftp access. If not, look through the log files for an extremely long command. (The description shows 60+ 'a' in a row.)
This is very similar to an exploit discovered about 4 months ago. Why didn't the Wu-FTP people check to see if they were vulnerable?
This is not meant as flamebait. Just a statement of fact. Judge accordingly.
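The log check suggested in the comment above (look for an extremely long command, such as 60+ of the same character in a row, and for the '~{' file name quoted from The Register) can be scripted. This is an added example, not part of the original comments: the syslog-style line layout, the helper names and the sample lines are assumptions constructed for illustration, so adjust the regular expression to whatever your FTP daemon actually logs.

```python
import re

# Assumed line layout: "<timestamp> <host> ftpd[<pid>]: <VERB> <argument>"
LINE_RE = re.compile(r"ftpd\[(\d+)\]:\s+([A-Za-z]{3,4})(?:\s+(.*))?$")
MAX_ARG_LEN = 60                     # threshold from the "60+ 'a' in a row" remark
RUN_RE = re.compile(r"(.)\1{59,}")   # one character repeated 60 or more times
BRACE_RE = re.compile(r"~\{")        # the '~{' file name mentioned in the thread


def flag_line(line):
    """Return the reasons a log line looks suspicious (empty list if clean)."""
    m = LINE_RE.search(line)
    if not m:
        return []                    # not an FTP command line in the assumed layout
    arg = m.group(3) or ""
    reasons = []
    if len(arg) > MAX_ARG_LEN:
        reasons.append("long-argument")
    if RUN_RE.search(arg):
        reasons.append("repeated-char-run")
    if BRACE_RE.search(arg):
        reasons.append("tilde-brace")
    return reasons


def scan(lines):
    """Yield (line_number, pid, verb, reasons) for every flagged line."""
    for n, line in enumerate(lines, 1):
        reasons = flag_line(line)
        if reasons:
            m = LINE_RE.search(line)
            yield n, int(m.group(1)), m.group(2).upper(), reasons


# Constructed sample log lines, not taken from a real server.
SAMPLE = [
    "Nov 28 10:01:02 ftphost ftpd[411]: USER ftp",
    "Nov 28 10:01:05 ftphost ftpd[411]: CWD /pub",
    "Nov 28 10:02:11 ftphost ftpd[412]: CWD " + "a" * 64,
    "Nov 28 10:02:30 ftphost ftpd[413]: LIST ~{",
    "Nov 28 10:03:00 ftphost sshd[500]: Accepted publickey for admin",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

The length threshold will also flag legitimately long paths, so treat hits as leads to review rather than confirmed attacks.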