Full Disclosure mailing list archives

Re: Re: Empty emails example

From: gabriel rosenkoetter <gr () eclipsed net>
Date: Sun, 29 Feb 2004 18:32:09 -0500

On Sun, Feb 29, 2004 at 04:47:31PM -0500, Bill Royds wrote:

  I was disclosing a possible reconnaissance of compromised hosts. Perhaps
you don't like full disclosure of attacks, only exploits?


I approve of disclosure of those attacks, but I don't think that
Full-Disclosure is the appropriate place for it. From the list's
charter, which is referenced in the footer of every piece of list
mail:

  Any information pertaining to vulnerabilities is acceptable, for
  instance announcement and discussion thereof, exploit techniques and
  code, related tools and papers, and other useful information.

"Vulnerabilities" does not imply "misuse of functional networks".

Discussion of the type you want belongs on, and takes place
regularly on, the incidents () securityfocus com mailing list.

-- 
gabriel rosenkoetter
gr () eclipsed net

Attachment: _bin
Description:

Current thread:

Re: Re: Empty emails example gabriel rosenkoetter (Feb 29)
- Judge affirms it's OK to test level of security of Websites Lan Guy (Feb 29)