|
Full Disclosure
mailing list archives
Re: Facebook seems to think my Arch Linux box has malware on it
From: James Condron <james () zero-internet org uk>
Date: Fri, 20 Jan 2012 23:10:04 +0000
Yeah, you really weren't, you were telling us how you would have handled it, with all the buzzwords and terms you could
have thought of.
Hell, I'm surprised you didn't manage to get the word 'synergy' in there.
" I would do a dns lookup and then compare those results to that of a public web service, and save the links for the
AVs to check if they have any malicious history associated with them."
Reads like s bad Hollywood script
"First I would ping the phone number and see if I could telnet to the ICMP, then get the PTR of the MAC address and use
an ARP overflow and spoof the TTL of the Window Size and..." (etc. etc.)
What are you suggesting; take a look at where the request is coming from and make a decision based on that whether the
software is being punted by facebook or a third party?
Fine- just say that; make your suggestion and get on with your life. Its a little trite as advice goes, but if thats
all you can contribute then go for it.
Coming in with your Marky-Mark talk of "First I'd get the first hijacker and use his head to kill the second hijacker
and then I'd be all like 'yeah, lets land the plane here- let me drive'" is not very helpful
On 20 Jan 2012, at 22:37, Gage Bystrom wrote:
What the hell are you talking about? I was just giving some advice on how he could check if it was legit or not if it
happens again.
What crawled up your ass and died this morning?
On Jan 20, 2012 2:21 PM, <james () zero-internet org uk> wrote:
You should tell us what you would have done had you been on one of the hijacked sept 11 planes.
Bet things would have gone down different then, amiright?
Sent from my BlackBerry® wireless device
-----Original Message-----
From: Gage Bystrom <themadichib0d () gmail com>
Sender: full-disclosure-bounces () lists grok org uk
Date: Fri, 20 Jan 2012 13:29:01
To: Wesley Kerfoot<wjak56 () gmail com>; full-disclosure () lists grok org uk<full-disclosure () lists grok org uk>
Subject: Re: [Full-disclosure] Facebook seems to think my Arch Linux box has
malware on it
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
Re: Facebook seems to think my Arch Linux box has malware on it coderman (Jan 20)
Re: Facebook seems to think my Arch Linux box has malware on it ingo.schmitt () binarysignals net (Jan 20)
Re: Facebook seems to think my Arch Linux box has malware on it maxigas (Jan 20)
|
