Sunday, November 11, 2007

firewall-wizards Digest, Vol 19, Issue 7

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. Re: FYI: DDOS services for sale... (ArkanoiD)
2. Re: 2nd Life (ArkanoiD)
3. Re: FYI: DDOS services for sale... (ArkanoiD)
4. Re: 2nd Life (ArkanoiD)
5. Re: FYI: DDOS services for sale... (bad_brain)
6. Re: 2nd Life (R. DuFresne)
7. Re: 2nd Life (Jim Seymour)


----------------------------------------------------------------------

Message: 1
Date: Sat, 10 Nov 2007 17:44:26 +0300
From: ArkanoiD <ark@eltex.net>
Subject: Re: [fw-wiz] FYI: DDOS services for sale...
To: darrenr@reed.wattle.id.au, Firewall Wizards Security Mailing List
<firewall-wizards@listserv.cybertrust.com>
Message-ID: <20071110144426.GA19335@eltex.net>
Content-Type: text/plain; charset=koi8-r

Well, as I live in Russia I see that all the way. As I have some friends
developing anti-DDOS solutions who need to stay in touch with the current
situation, they often rely on DDOSers crowd insider information, I see
even more. As next elections are near, I see DDOS being used quite often as
a political instrument, there is always some black market burst before
elections.

On Fri, Nov 09, 2007 at 11:26:43AM -0800, Darren Reed wrote:
> I can't comment on how common this kind of advertising is,
> only that this is the first time I've seen it...
>
> Darren
>
> "DDOS servise
> Elimination of sites of your competitors quickly and qualitatively!!!
> icq 4XXXXXXXX"
>

------------------------------

Message: 2
Date: Sat, 10 Nov 2007 18:03:16 +0300
From: ArkanoiD <ark@eltex.net>
Subject: Re: [fw-wiz] 2nd Life
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.cybertrust.com>
Message-ID: <20071110150316.GB19335@eltex.net>
Content-Type: text/plain; charset=koi8-r

Virtualization is proven to be not safe, as virtual device drivers are
not written with security in mind. So the physical separation (remember,
"VLAN is not a security feature") does the thing proper and seems to be
the only solution.

On Fri, Nov 09, 2007 at 08:19:56PM +0100, Matej wrote:
>
> -a bastion host is a good idea, but I would suggest a Linux server for
> the setup, that might reduce your hardware costs
>
> -the best way to open those ports, would be to restrict them by source
> and destination addresses (in the example we narrow down the scope)
>
>
>
> My idea:
>
>
>
> You could use a virtualization product. I had some positive
> experience.
>

------------------------------

Message: 3
Date: Sat, 10 Nov 2007 18:28:54 +0300
From: ArkanoiD <ark@eltex.net>
Subject: Re: [fw-wiz] FYI: DDOS services for sale...
To: dave@corecom.com, Firewall Wizards Security Mailing List
<firewall-wizards@listserv.cybertrust.com>
Message-ID: <20071110152854.GC19335@eltex.net>
Content-Type: text/plain; charset=koi8-r

Unfortunately Mirabilis is not very cooperative when it comes to
fighting spam and abuse :-(

Anyways, ICQ access is easy to anonymise.. _Especially_ if you
do have your own botnet. When it comes to getting the money, there
is e-gold, which is still in operation despite being known to be the easiest
way to launder e-money.

On Sat, Nov 10, 2007 at 09:09:20AM -0500, Dave Piscitello wrote:
> I imagine this kind of soliciting is more common on irc where bot
> herders and fast flux operators make their "services" available.
>
> Perhaps some of these bad actors are so confident they are bulletproof
> they are expanding advertising into "open" channels. Not a happy thought.
>
> Darren Reed wrote:
> >I can't comment on how common this kind of advertising is,
> >only that this is the first time I've seen it...
> >
> >Darren
> >
> >"DDOS servise
> >Elimination of sites of your competitors quickly and qualitatively!!!
> >icq 4XXXXXXXX"
> >

------------------------------

Message: 4
Date: Sat, 10 Nov 2007 18:32:18 +0300
From: ArkanoiD <ark@eltex.net>
Subject: Re: [fw-wiz] 2nd Life
To: firewall-wizards@listserv.cybertrust.com
Message-ID: <20071110153218.GD19335@eltex.net>
Content-Type: text/plain; charset=koi8-r

Well, I'd better choose the insurance company who asks in firewall-wizards
for advice on how to secure things over one that does the same things silently,
presumably the wrong way ;-))

On Sat, Nov 10, 2007 at 07:54:57AM -0500, Jim Seymour wrote:
>
> I, for one, hope the insurance company in question is not one with
> which I'm insured, not the one in which I hold stock, and not one in
> which my 401k is invested. If I found it was any of those, it would
> quickly become *not* one of those.
>

------------------------------

Message: 5
Date: Sat, 10 Nov 2007 18:14:05 +0100
From: bad_brain <bad_brain@suck-o.com>
Subject: Re: [fw-wiz] FYI: DDOS services for sale...
To: firewall-wizards@listserv.icsalabs.com
Message-ID: <4735E6DD.7080904@suck-o.com>
Content-Type: text/plain; charset="iso-8859-1"

Sadly this is very common, one of those "providers" tried to infiltrate my
IRC server already once by setting up loads of bot channels.
And it seems they don't even have to fear consequences. I found the
source of the bots, on their website they explicitly offer botnets for
rent.....it's a European host, and when I complained I didn't even get
a reply.
I guess it's not good to post the link, but if an >official< is
interested let me know.

--

kindest regards,

bad_brain
owner of suck-o.com
//hacking ~ coding ~ development//

-----------------------------

SHA1 Fingerprint
3A:78:06:30:E5:7A:4B:40:10:EB:E6:43:51:5E:58:BA:5E:F0:11:2D

MD5 Fingerprint
7B:70:D5:57:08:D6:CC:64:5A:ED:4A:BE:34:60:BF:57

-----------------------------


------------------------------

Message: 6
Date: Sat, 10 Nov 2007 14:21:50 -0500 (EST)
From: "R. DuFresne" <dufresne@sysinfo.com>
Subject: Re: [fw-wiz] 2nd Life
To: "Paul D. Robertson" <paul@compuwar.net>
Cc: firewall-wizards@listserv.cybertrust.com
Message-ID: <Pine.LNX.4.64.0711101420290.11397@darkstar.sysinfo.com>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 10 Nov 2007, Paul D. Robertson wrote:

> On Sat, 10 Nov 2007, Jim Seymour wrote:
>
>> I, for one, hope the insurance company in question is not one with
>> which I'm insured, not the one in which I hold stock, and not one in
>> which my 401k is invested. If I found it was any of those, it would
>> quickly become *not* one of those.
>
> I'll take the opposite tack- I'd rather my insurance companies *did* ask
> here (and were looking at at least limiting it to some sort of terminal
> service) rather than just opening things up to the world without asking
> anyone. Who knows what the ones who don't know/care about the risks are
> doing?

Any of you out there with companies willing to hire me to play WOW all
day, I'm certainly interested. And willing to telecommute to lower costs
all around.

Thanks,

Ron DuFresne
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com

http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

-Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFHNgTRst+vzJSwZikRAnwPAKDYIetsSVVgGyVkRpcmxH1vkjuZsgCbBNZF
4Xv2WdMUSp9eKc/cANlO+ac=
=hwwY
-----END PGP SIGNATURE-----


------------------------------

Message: 7
Date: Sat, 10 Nov 2007 22:55:23 -0500 (EST)
From: jseymour@linxnet.com (Jim Seymour)
Subject: Re: [fw-wiz] 2nd Life
To: firewall-wizards@listserv.icsalabs.com
Message-ID: <20071111035523.22B76E158@jimsun.linxnet.com>


"Paul D. Robertson" <paul@compuwar.net> wrote:
>
> On Sat, 10 Nov 2007, Jim Seymour wrote:
[snip]
>
> I'll take the opposite tack- I'd rather my insurance companies *did* ask
> here ...
[snip]

It's not the "asking here" that's the issue for me. It's the
impression I get that his management is bound and determined to do this
regardless of the potential security issues. I get the impression the
PO has already related to management his concerns, and they intend to
proceed nonetheless. It seems to me he's asking here out of
desperation.

Or perhaps I'm reading it wrong?

Jim


------------------------------


End of firewall-wizards Digest, Vol 19, Issue 7
***********************************************
