Full Disclosure mailing list archives
Re: Re: Empty emails example
From: gabriel rosenkoetter <gr () eclipsed net>
Date: Sun, 29 Feb 2004 18:32:09 -0500
On Sun, Feb 29, 2004 at 04:47:31PM -0500, Bill Royds wrote:
I was disclosing a possible reconnaissance of compromised hosts. Perhaps you don't like full disclosure of attacks, only exploits?
I approve of disclosure of those attacks, but I don't think that Full-Disclosure is the appropriate place for it. From the list's charter, which is referenced in the footer of every piece of list mail: Any information pertaining to vulnerabilities is acceptable, for instance announcement and discussion thereof, exploit techniques and code, related tools and papers, and other useful information. "Vulnerabilities" does not imply "misuse of functional networks". Discussion of the type you want belongs on, and takes place regularly on, the incidents () securityfocus com mailing list. -- gabriel rosenkoetter gr () eclipsed net
Attachment:
_bin
Description:
Current thread:
- Re: Re: Empty emails example gabriel rosenkoetter (Feb 29)
- Judge affirms it's OK to test level of security of Websites Lan Guy (Feb 29)