Full Disclosure: Re: Re: Empty emails example

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Re: Empty emails example

From: gabriel rosenkoetter <gr () eclipsed net>
Date: Sun, 29 Feb 2004 18:32:09 -0500

On Sun, Feb 29, 2004 at 04:47:31PM -0500, Bill Royds wrote:

  I was disclosing a possible reconnaissance of compromised hosts. Perhaps
you don't like full disclosure of attacks, only exploits?


I approve of disclosure of those attacks, but I don't think that
Full-Disclosure is the appropriate place for it. From the list's
charter, which is referenced in the footer of every piece of list
mail:

  Any information pertaining to vulnerabilities is acceptable, for
  instance announcement and discussion thereof, exploit techniques and
  code, related tools and papers, and other useful information.

"Vulnerabilities" does not imply "misuse of functional networks".

Discussion of the type you want belongs on, and takes place
regularly on, the incidents () securityfocus com mailing list.

-- 
gabriel rosenkoetter
gr () eclipsed net

Attachment: _bin
Description:

By Date By Thread

Current thread:

Re: Re: Empty emails example gabriel rosenkoetter (Feb 29)
- Judge affirms it's OK to test level of security of Websites Lan Guy (Feb 29)