full-disclosure-uk August 2008 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Gustav, domain name re

Re: [Full-disclosure] Gustav, domain name reportage

From: n3td3v <xploitable_at_nospam>
Date: Sun Aug 31 2008 - 02:38:04 GMT
To: Jon.Kibler@aset.com, handlers@sans.org, full-disclosure@lists.grok.org.uk

On Sun, Aug 31, 2008 at 2:57 AM, n3td3v <xploitable@gmail.com> wrote: > http://linuxbox.org/pipermail/funsec/2008-August/018318.html > http://isc.sans.org/diary.html?storyid=4954 > > Hi, > > I think its wrong for you to name and shame these domain names, and > specify places people live (funsec), seeing as these folks have done > nothing wrong. > > Guilty until proven innocent, is that how it works in cyber security land? > > Completely out of order... > > All the best, > > n3td3v > > -- > computer security protection news alert system, keep messages short > for cellular devices. > https://groups.google.com/group/n3td3v >

  • Now talking in #n3td3v
    [03:11] <cybersecure> [Full-disclosure] Gustav, domain name reportage
    [03:11] <cybersecure>
    [03:15] <ChrisAM> I don't get your post.
    [03:16] <ChrisAM> the past disasters demonstrate the abuse of domains like this.
    [03:16] <cybersecure> yet those domains are only parked domains just now
    [03:16] <cybersecure> no law broken
    [03:17] <ChrisAM> dshield is just being proactive.
    [03:17] <cybersecure> it could even be the government or a security
    company etc buying the domains so they can't be bought
    [03:17] <ChrisAM> that's what I suggested earlier to do.
    [03:18] <cybersecure> so why name and shame and then the funsec post
    starts posting where people live
    [03:18] <cybersecure> completely outragous when technically nothing
    has been done wrong (yet)
    [03:18] <ChrisAM> they just put cities.. not people's names.
    [03:19] <cybersecure> its bad enough
    [03:19] <ChrisAM> the scumbags are just waiting for the storm to hit.
    [03:19] <cybersecure> even you're calling them scumbags before you
    even know the reason for the domains
    [03:19] <ChrisAM> What other reason would there be?
    [03:19] <cybersecure> technically you shouldn't do it until something
    has been commited
    [03:20] <ChrisAM> Innocent until proven guilty only applies in
    law/courts. I can call them whatever I want.
    [03:20] <cybersecure> and then i call you a twat
    [03:20] <cybersecure> sorry
    [03:20] <cybersecure> its not very professional
    [03:21] <cybersecure> to name and shame before an fofence has been commited
    [03:21] <ChrisAM> You actually think these will be legitimate sites?
    [03:21] <cybersecure> offence*
    [03:21] <cybersecure> its not for me or anyone else to judge until
    something actually happens, and certainly not put on a high profile sans diary
    [03:22] <cybersecure> maybe on backchannels and in private
    [03:22] <cybersecure> but not so publically
    [03:22] <cybersecure> until an offence is commited
    [03:22] <cybersecure> once an offence is commited, shout to the hills about it
    [03:23] <ChrisAM> by then 5 million spam mails are already sitting in
    people's inboxes.
    [03:23] <cybersecure> so you're saying these domains should be cancelled?
    [03:23] <ChrisAM> no.
    [03:23] <cybersecure> what the fuck!
    [03:23] <ChrisAM> I'm saying they should be closely watched.
    [03:24] <cybersecure> but not talked about on a sans diary or
    published on funsec until something happens
    [03:24] <ChrisAM> This is the information gathering phase. It's too
    late to start that after the storm hits.
    [03:25] <cybersecure> information gather in private until someone does
    something wrong
    [03:27] <cybersecure> can i put this transcript on f-d?
    [03:28] <ChrisAM> ok
    [03:28] <ChrisAM> What value will it add there?
    [03:28] <cybersecure> you don't care?
    [03:30] <cybersecure> brb, i'm going to post...
    [03:30] <ChrisAM> no
    [03:30] <cybersecure> your nickname will come up on google
    [03:30] <ChrisAM> ok
    [03:31] <cybersecure> brb then... i'm going to post

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/