Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: why o why did NASA do this.
From: GuidoZ <uberguidoz () gmail com>
Date: Fri, 29 Oct 2004 02:00:29 -0400

Ok Mr. Limpy..lol

Just for the record, I fixed that problem I was having with my Linux
install! Of course, I've gone and broken it again, but that's besides
the point. Now you should be referring to me as Mr. No Limbs (it's
completely dead). lol

Great point about the "career" job. Even if they aren't there, knowing a
time and a name can get you more information out of a person in another
dept, I think. I wouldn't try =)

I thought it was too. =D I wouldn't try it either, but then again, I'm
not someone who would be interested in hacking into NASA. It's the
ones who WOULD be interested that I worry about.

I realize that such information is generally available through public
records and such. However, that's no reason to post it all for easy
access and saving. ;)

--
Peace. ~G


On Tue, 19 Oct 2004 12:59:37 -0500, Todd Towles
<toddtowles () brookshires com> wrote:

GuidoZ wrote:
=) Yeah, I do. I wasn't sure if you were having a brain fart
or something. lol
Ok Mr. Limpy..lol

Well said. It was finally removed from public view, though
I'd imagine quite a few saved it just in case (myself
included). No, it's not some perfect list for every malicious
purpose, though it's certainly better then nothing. Spammers
really don't care if it's active or not - they will still
sell it. Social Engineering can go a long way though. It's
entirely possible someone that worked at NASA in 1996 would
be there still today. It's called a career. =)
Great point about the "career" job. Even if they aren't there, knowing a
time and a name can get you more information out of a person in another
dept, I think. I wouldn't try =)

-Todd

--
Peace. ~G


On Tue, 19 Oct 2004 07:59:36 -0500, Todd Towles
<toddtowles () brookshires com> wrote:
I meant this outdated NASA e-mail list. I undestand that FD
could be
used for this purpose.

The fact that NASA just hands you this information
(outdated or not)
is pretty sad. As I stated before it is free information leakage at
best and because it is outdated it should be removed from
public view.
This could be used for social attacks and e-mail attacks. I don't
think SPAMmers care about some 6 year old list but hackers
would. Any
information that they can get free of charge is just that
much better.

You know me better than that GuidoZ .....lol

-----Original Message-----
From: GuidoZ [mailto:uberguidoz () gmail com]
Sent: Tuesday, October 19, 2004 1:24 AM
To: Todd Towles
Cc: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] why o why did NASA do this.

how would this list help me spam?

Google your email address - then simply use a bot to
gather ALL the
email addresses listed in the posts along with it. ;) The
sad fact
is that the email addresses used to post to this list (and any
others like it) are freely there for the taking. Plus, it's quite
obvious they are active. (More obvious then, say, email
addies fro
1996?) ;)

--
Peace. ~G


On Mon, 18 Oct 2004 11:02:00 -0500, Todd Towles
<toddtowles () brookshires com> wrote:
Exactly as I stated eariler...this is just information
leakage...old
as it might be, it helps...the people on the list are just
doing their
jobs...getting paid and giving information to a employee that
knows their name (and is higher in the company) seems harmless.
Spam isn't
the issue with this information leakage, I can buy a CD
with 6 million
e-mail address on it...how would this list help me spam?



-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of
KF_lists
Sent: Monday, October 18, 2004 9:06 AM
To: Harry de Grote
Cc: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] why o why did NASA do this.


Forget about the spammers, how about social engineers.
This is quite
the gold mine for that.

Hi this is Joe Schmoe from building 69 I need to have my
password reset.
-KF



i have to admit... it's pretty old and useless, but i think
this may
be a nice place for spammers to try out some new adresses...


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html






_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]