Re: Anonymous posting

From: Patrik Birgersson (patrik.birgersson@aiasec.com)
Date: 03/08/02

• Previous message: Trevor Cushen: "RE: Security Engineers Field Tool Kit"
• In reply to: Starks, Michael: "Anonymous posting"
• Next in thread: Narayana Kondreddi: "Re: Anonymous posting"
• Next in thread: dewt: "Re: Anonymous posting"
• Reply: Narayana Kondreddi: "Re: Anonymous posting"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 8 Mar 2002 11:01:50 +0100 (CET)
From: Patrik Birgersson <patrik.birgersson@aiasec.com>
To: "Starks, Michael" <mstarks@preferredcare.org>

On Wed, 6 Mar 2002, Starks, Michael stated:

> What is the consensus in regards to anonymously posting to security mailing
> lists and USENET when discussing specific network configurations? Is it
> considered the prudent thing to do? Is credibility affected? It doesn't
> seem wise to me to discuss a specific vulnerability which points back to you
> own network.

I can't speak for everyone else, but here's my opinion:

As you say, it's not very clever to talk about vulnerabilities or other
security issues that may be traceable right back to you network.

I would recomend you to set up a e-mail account on Hotmail (or equiv.) for
use in this issue.

Regarding the credability issue I don't see any problem, unless you are
making posts like "How can I sploit this or that", "Could anyone give me
sploit code for...", etc... in which case you will most likely be ignored
(or flamed). Making such postings isn't very clever, regardless of the
e-mail address used.

On USENET (especially) it's _very_ common to use "secondary" or even bogus
addresses, just for the security reason.

Patrik Birgersson

---

• Previous message: Trevor Cushen: "RE: Security Engineers Field Tool Kit"
• In reply to: Starks, Michael: "Anonymous posting"
• Next in thread: Narayana Kondreddi: "Re: Anonymous posting"
• Next in thread: dewt: "Re: Anonymous posting"
• Reply: Narayana Kondreddi: "Re: Anonymous posting"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: is this the start of something naughty? ... Regards, ... - Ensure Reliable Performance of Mission Critical Applications ... - Precisely Define and Implement Network Security and Performance Policies ... (Incidents) Re: Where is the Wireless line? ... Where does the wireless line being and end with regards to "illegal access" ... If company A has a wireless network No Encryption, ... You know they need security. ... buy it or download a solution FREE today! ... (Pen-Test) Re: Access denied on remote registry access, from Win2003 sp1 ... machine access from the network. ... Regards, ... Nothing shows up in the security event log, so the access must be blocked ... If adding the built-in group 'network' to the local administrators group, ... (microsoft.public.win2000.registry) security of windowsxp under network ... Would you kindly explain me about security of WindowsXP ... under network and let me know about its policy of ... Regards, ... (microsoft.public.windowsxp.general) security under network ... Would you kindly explain me about security of WindowsXP ... under network and let me know about its policy of ... Regards, ... (microsoft.public.windowsxp.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)