suggestion
maybe you guys should take away the forum description that mentions "exploits", since obviously you dont want anyting regarding them posted. it kinda gives the wrong impression when it clearly says
"This forum is for all security related questions. Questions, tips, exploits, firewalls, etc. are all included here." |
Since we do not want to help people with coding their own or fixing others, we probably should. Thanks for noting it.
|
Given that most of the input here is about exploits is about "how to avoid" or "how to fix" exploits, I don't think that there is a problem mentioning them. Besides, almost anyone who asks "how to take advantage of" or "how to create" one get quickly reminded otherwise. There's nothing wrong with the word "exploit". It's all in how the community offers input. That's like saying that you don't want to mention virii because somebody might be attempting to write one. I would hope that it would be obvious that people who ask those types of questions would realize that this is not the place to go.
|
infamous41md,
Thanks for the suggestion. Removing exploits is probably more inline with what we'd like discussed here. On unSpawn's suggestion I have updated it to "system compromises". --jeremy |
Quote:
unspawn, jeremy << thanks :) |
asked them to IM me if they wanted to work on it with me. my post was deleted and i was warned.
No, your post was closed, big difference. We had a short email conversation about this and I redirected you to the "proper" channels for this, SF, full disclosure and bugtraq mailinglist, like that. LQ just ain't the place for FD and help *with* exploits. so i thought it would make sense to be clearer about the rules. Yes, you're right and I appreciate you offered the suggestion. BTW, did you get your BO going with mailinglist help or? |
no apparently nobody can find(or wants to share yet) where it even is. i mean, i was kinda pissed b/c usually its not that hard once you've read the advisory. they even tell you what function it's in, but i cant' figure it out for the life of me. i spent an entire day analyzing that function and couldnt find squat.
http://www.securityfocus.com/bid/8641/info/ there is the advisory. edit: i see that a patch was released(new version) so maybe i'll give it a shot again; should be easier now having that. |
All times are GMT -5. The time now is 02:09 AM. |