Full Disclosure mailing list archives

Re: Automated mass abuse of form mailers

From: Ron DuFresne <dufresne () winternet com>
Date: Mon, 12 Sep 2005 15:32:53 -0500 (CDT)

On Mon, 12 Sep 2005, n3td3v wrote:

You're missing the point, as i've tried to outline. This is an active
project, and written code for such an outbreak is already within the
hands of  *underground hacker communities*.

If you look at my background posts, as posted earlier on the threat,
you'll see the lead up.




Perhaps, and perhaps you danced about mine and missed them as well.  9 of
10 websites use off the freeshelf code, and most used dated code that was
never written with a mind towards secure.  So if folks are going to use
tools in existence rather then create their own hammers and drills they
should go for other then perhaps the first click in a google search and
find something that was coded with security in mind, rather then the first
link that likely pops up in a google search.  If the code is good that
they incorporate into their designs, then it kinda devalues the current
tools that nasty boys <and grils> are using, does it not?  If their tools
reply upon poorly written code, then replacing it with far better code
makes their efforts kinda nill, yes?

Thanks,

Ron DuFresne

Thanks..

On 9/12/05, Ron DuFresne <dufresne () winternet com> wrote:

On Mon, 12 Sep 2005, Michael Holzt wrote:

Automated mass abuse of form mailers


       [smip]



Nothing new really, this has been an issue for many years now.  And often

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


-- 
"Sometimes you get the blues because your baby leaves you. Sometimes you get'em
'cause she comes back." --B.B. King
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Automated mass abuse of form mailers, (continued)
- Re: Automated mass abuse of form mailers Luc Stroobant (Sep 12)
  - Re: Automated mass abuse of form mailers n3td3v (Sep 12)
  - Re: Automated mass abuse of form mailers Dave Korn (Sep 12)
    - Re: Re: Automated mass abuse of form mailers Bipin Gautam (Sep 12)
    - Re: Re: Automated mass abuse of form mailers Valdis . Kletnieks (Sep 12)
    - RE: Re: Automated mass abuse of form mailers Aditya Deshmukh (Sep 12)
    - Re: Re: Automated mass abuse of form mailers Dave Korn (Sep 13)
- Re: Automated mass abuse of form mailers Matthias Kestenholz (Sep 12)
- Re: Automated mass abuse of form mailers Ron DuFresne (Sep 12)
  - Re: Automated mass abuse of form mailers n3td3v (Sep 12)
    - Re: Automated mass abuse of form mailers Ron DuFresne (Sep 12)
- Re:Automated mass abuse of form mailers sk (Sep 12)
- Automated mass abuse of form mailers n3td3v (Sep 12)
- Automated mass abuse of form mailers n3td3v (Sep 12)