|
Friday April 9th, was moderately busy; there was some discussion on a new french law. Scanning patterns were largely stable, with the exception of 4899/tcp. A new Anti-spam resource was announced today. A bugtraq post from K-Otic claimed that a new law in France could make it illegal to post vulnerability information or hacking techniques. The "loi pour la confiance dans l'economie numerique" (loosely translated, the "Confidence law for the Digital Economy") is claimed to make hacking and vulnerability posts illegal in France. The handler's consensus seems to be that this may not be as severe a law as K-Otic would seem to present. If your company or organization does work in the realm of vulnerability analysis and has branches in France, a french lawyer can get you much better advice than you'll find on either the handler's list or Bugtraq. A new anti-spam RBL was announced today. Jeff Chan noted that the SURBL is now live. Unlike traditional RBL's which focus on the sender domain or intermediate relays, this blocklist focuses on the URL's embedded in spam messages. The SURBL pulls domains from recent multiply reported spams and republishes them as subdomains of the sc.surbl.org domain. See http://www.surbl.org for more information. The sa-blocklist manual domain project will be live in this URL RBL format within a few days. Scott Fendley reports that scanning for 4899/tcp is quite heavy at his location. Dshield confirms that 4899/tcp is spiking again after a few quiet weeks. http://isc.sans.org/port_report_graph.php?port=4899&width=350 There is speculation that there may be an exploit circulating for Radmind. Agobot is also scanning heavily. ---- Handler on duty, William Stearns wstearns@pobox.com http://www.stearns.org/ (security papers and tools) |
William 80 Posts Apr 9th 2004 |
| Thread locked Subscribe |
Apr 9th 2004 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
