Which kind of attack?

Discussion in 'Computer Security' started by Luigi Donatello Asero, Oct 1, 2006.

  1. Luigi Donatello Asero, Oct 1, 2006
    #1
    1. Advertising

  2. Luigi Donatello Asero wrote:

    > Hello,
    > when I tried to visit the URL which was written in the following post
    > I was warned about a security risk.


    By whom? What specifically?

    Well, I got a warning about a certificate error on the https:// link
    because I explicitly distrust Equifax Global eBusiness Class 1, but that's
    it.

    > http://groups.google.se/group/soc.culture.china/msg/fac7e337a9da9a1d?dmode=source&hl=sv
    > Do you know what the writer was trying to do?


    Eh... nothing?
     
    Sebastian Gottschalk, Oct 1, 2006
    #2
    1. Advertising

  3. "Sebastian Gottschalk" <> skrev i meddelandet
    news:...
    > Luigi Donatello Asero wrote:
    >
    > > Hello,
    > > when I tried to visit the URL which was written in the following post
    > > I was warned about a security risk.

    >
    > By whom?

    J.Venning
    (see the link)

    What specifically?
    >
    > Well, I got a warning about a certificate error on the https:// link
    > because I explicitly distrust Equifax Global eBusiness Class 1, but that's
    > it.
    >
    > >

    http://groups.google.se/group/soc.culture.china/msg/fac7e337a9da9a1d?dmode=source&hl=sv
    > > Do you know what the writer was trying to do?

    >
    > Eh... nothing?


    I have Internet Security and I got a message which, translated said more or
    less
    that a computer with the adress 127.0.0.1 sent information which was similar
    to the information in the attack
    HTTP MS IIS ASP Source disclosure.
    What does that mean?
    --
    Luigi Donatello Asero
    https://www.scaiecat-spa-gigi.com/it/svezia.html
    谢谢你 ÑпаÑибо
     
    Luigi Donatello Asero, Oct 1, 2006
    #3
  4. "Sebastian Gottschalk" <> skrev i meddelandet
    news:...
    > Luigi Donatello Asero wrote:
    >
    > > Hello,
    > > when I tried to visit the URL which was written in the following post
    > > I was warned about a security risk.

    >
    > By whom? What specifically?
    >
    > Well, I got a warning about a certificate error on the https:// link
    > because I explicitly distrust Equifax Global eBusiness Class 1, but that's
    > it.
    >
    > >

    http://groups.google.se/group/soc.culture.china/msg/fac7e337a9da9a1d?dmode=source&hl=sv
    > > Do you know what the writer was trying to do?

    >
    > Eh... nothing?


    I answered at alt.computer.security

    --
    Luigi Donatello Asero
    https://www.scaiecat-spa-gigi.com/
    谢谢你 ÑпаÑибо
     
    Luigi Donatello Asero, Oct 1, 2006
    #4
  5. Luigi Donatello Asero wrote:

    > I have Internet Security and I got a message which, translated said more or
    > less that a computer with the adress 127.0.0.1 sent information which was similar
    > to the information in the attack
    > HTTP MS IIS ASP Source disclosure.
    > What does that mean?


    Nothing. Your network error simulation software simulated a network error.
     
    Sebastian Gottschalk, Oct 2, 2006
    #5
  6. "Sebastian Gottschalk" <> skrev i meddelandet
    news:...
    > Luigi Donatello Asero wrote:
    >
    > > I have Internet Security and I got a message which, translated said more

    or
    > > less that a computer with the adress 127.0.0.1 sent information which

    was similar
    > > to the information in the attack
    > > HTTP MS IIS ASP Source disclosure.
    > > What does that mean?

    >
    > Nothing. Your network error simulation software simulated a network error.


    Thank you.
    Is that a kind of behaviour which is normal for Symantec Norton Internet
    Security?

    --
    Luigi Donatello Asero
    https://www.scaiecat-spa-gigi.com/
    谢谢你 ÑпаÑибо
     
    Luigi Donatello Asero, Oct 2, 2006
    #6
  7. Luigi Donatello Asero

    anonymous Guest

    Luigi Donatello Asero wrote:

    >
    > "Sebastian Gottschalk" <> skrev i meddelandet
    > news:...
    > > Luigi Donatello Asero wrote:
    > >
    > > > I have Internet Security and I got a message which, translated said more

    > or
    > > > less that a computer with the adress 127.0.0.1 sent information which

    > was similar
    > > > to the information in the attack
    > > > HTTP MS IIS ASP Source disclosure.
    > > > What does that mean?

    > >
    > > Nothing. Your network error simulation software simulated a network error.

    >
    > Thank you.
    > Is that a kind of behaviour which is normal for Symantec Norton Internet
    > Security?


    Of course not. You've fallen victim to Gottschalk's adolescent
    substitute for "wit". :(

    Source disclosure is a form of attack that tries to gain access to
    information that wouldn't normally be given to others. Typically CGI
    scripts, and normally to find vulnerabilities in those scripts. Known
    and unknown. If you're not serving content then it's a good chance you
    stumbled across a nefarious site that probes visitors for
    vulnerabilities. If you do serve content you're more than likely seeing
    a visitor who is "scanning" sites for vulnerabilities. Three's also an
    outside chance it's coincidental, that NIS false alarmed on something
    innocuous that just looked like an attack. the slogan "nothing is
    perfect" applies.

    Sad as it is this sort of activity is commonplace on the net. Probes
    and scans are so prevalent it's impossible to keep up with them all, and
    most people ignore them. The fact that NIS alerted you to something odd
    should be reassuring in fact. You know it's working. IT pros know that
    when you see no more breaking attempts you should start to get
    paranoid. It's a good indication you've been compromised and someone is
    scrubbing your logs to hide their activity. ;)
     
    anonymous, Oct 2, 2006
    #7
  8. Luigi Donatello Asero wrote:

    >> Nothing. Your network error simulation software simulated a network error.

    >
    > Thank you.
    > Is that a kind of behaviour which is normal for Symantec Norton Internet
    > Security?


    Randomly yelling messages full of uncorrelated bullshit? Yes. Obviously.
     
    Sebastian Gottschalk, Oct 2, 2006
    #8
  9. anonymous wrote:

    > Three's also an outside chance it's coincidental, that NIS false alarmed on
    > something innocuous that just looked like an attack. the slogan "nothing is
    > perfect" applies.


    Sorry, but the related attack doesn't even particularly coincide with the
    stated website. It simply is random garbage.

    > Sad as it is this sort of activity is commonplace on the net. Probes
    > and scans are so prevalent it's impossible to keep up with them all, and
    > most people ignore them. The fact that NIS alerted you to something odd
    > should be reassuring in fact.


    What a nonsense. NIS complaining about exactly nothing doesn't even
    particularly prove that this nothing is something relevant. Just that NIS
    is dumb.
     
    Sebastian Gottschalk, Oct 2, 2006
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?c2hhZG8yODI=?=

    Router problems of a different kind

    =?Utf-8?B?c2hhZG8yODI=?=, Jan 31, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    567
    Malke
    Jan 31, 2005
  2. dorothy.bradbury
    Replies:
    15
    Views:
    1,077
    dorothy.bradbury
    Jul 21, 2003
  3. Samuel C.

    Which is the best Battery and charger for Ni-Mh kind???

    Samuel C., Dec 17, 2003, in forum: Digital Photography
    Replies:
    3
    Views:
    1,280
    Samuel C.
    Dec 20, 2003
  4. The Jesus of Suburbia

    Microcontrollers: which one ? which language ? which compiler ?

    The Jesus of Suburbia, Feb 11, 2006, in forum: NZ Computing
    Replies:
    2
    Views:
    551
  5. kph
    Replies:
    0
    Views:
    279
Loading...

Share This Page