Excuse me. Are we done posturing and beating our chests?

I joined this group so that I might be able to keep a breast of security
issues. Instead I find myself appalled at the sheer lack of professionalism.

do or do not give out that script, but please let us pursue more worthy
debate!

Just my humble opinion.....

-----Original Message-----
From: Stanley G. Bubrouski [mailto:stanccs.neu.edu]
Sent: Thursday, September 06, 2001 6:35 PM
To: sween
Cc: vuln-devsecurityfocus.com
Subject: Re: Telnetd exploit for solaris

On Thu, 6 Sep 2001, sween wrote:

>
> On Wed, 5 Sep 2001, fintler wrote:
> > Now why would you possible want something like that...if you were an
>
> sooooo you can drive an industry and root somebody's solaris machine and
> prove to SOMEONE's company that this computer security bullshit isn't just
> a fad and that are not wasting 60K a year for a "security" expert to hover
> over security focus mailing lists and apply patches to expensive operating
> systems that were shipped broken in the first place.
>
> this industry needs an old fashioned ass whoopin.
>
> You owe script kiddies... BIG TIME.
>

The computer and software industries owe script kiddies NOTHING. Script
kiddies bring down sites, wreak havoc on networks, use compromised as
platforms for attack and all without knowing how what they are using works
or what harm they are doing.

The people owed thanks are the people who find and report vulnerabilites,
who attempt to offer fixes and workarounds, and yes people who write and
publish proof of concept code and tools.

But there is a huge difference between supplying a proof of concept and
using one to gain unauthorized access to companies system.

> GET OFF MY LIST.
>

This is list is to discuss vulnerabilities, not promote script kiddies as
the great fucking guardian angels of corporate America. Get real.

> >
> > --- Labkonto <ppht-15mdstud.chalmers.se> wrote:
> > > Anyone here that developed an exploit
> > > for the Telnetd buffer overflow on solaris,
> > > or know where to get one?
> > >
> > >
> > > // pp
> > >
> >
>

No, but when I do I'll post it here.

> admin, you'd just patch your
> > box and forget it. I can only assume you're trying to get into someone
elses box, what makes you
> > think I'm going to give you a script so you can get someone fired from
their job because you felt
> > like being an 3r3ct skr1pt k1ddi3.
> >

Give him whatever he asks for. I want to see him behind bars if he plans
to use it to gain unauthorized access to people's systems (not that I'm
saying he is)

> > -fintler <fintlerhalfbug.com>
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Get email alerts & NEW webcam video instant messaging with Yahoo!
Messenger
> > http://im.yahoo.com
> >
> >
>
>
> --
>
> sween
> -script kiddie-
>

Are you for real? I feel like I'm reading something written by a chimp
from a tv sitcom. Anyone else got any input on script kiddies being a
positive thing?

>
>

Stan

--
Stan Bubrouski                                       stanccs.neu.edu
23 Westmoreland Road, Hingham, MA 02043        Cell:   (617) 835-3284

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]