WebApp Sec mailing list archives
List administrivia Public Service Announcement - the more you know...
From: Andrew van der Stock <vanderaj () greebo net>
Date: Tue, 6 Nov 2012 02:51:57 +1100
Caveat lector: My role here since taking on moderation of this list way back in 2004 or 2005 or so is primarily to reject spam and 1 line messages saying "thanks" or "Give me the answer to my homework / assignment / PhD dissertation that I'm too lazy to Google". However, the bar for submission is very, very low. You will not believe how low it is. I have and continue to let through highly questionable messages that might affect your computer if you do the wrong thing. I read 'em, sometimes I smile, sometimes I smirk, other times I think "that seems legit" in an ironic sense. I treat you all as security professionals, and so it goes without saying "Don't click random links unless you know what you're doing." is the first and about the only rule that goes here. I have to assume you know what you're doing as otherwise it denies us all an opportunity to learn and share knowledge. And occasionally get pwned. If your opsec* skills run to "I use SSL and a firewall", then this list might not be for you. So if you get pwned, you've had a fantastic learning moment, and I truly and sincerely hope you have good (and recent) backups. Better luck with your next OS install. :) thanks, Andrew your friendly list admin * I don't always do this, but I suggest using a throwaway read-only live CD VM to click unknown links. It's a good habit, and if your VM gets pwned, it's just a matter of throwing it away and starting again. It goes without saying, don't share your host OS resources such as home folder in the victim VM, or log into your actual Internet services, or have it bridged to the same network as systems you actually like. If this sounds complicated, again, this list might not necessarily be for you. This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- List administrivia Public Service Announcement - the more you know... Andrew van der Stock (Nov 05)