Full-Disclosure to be rated PG-13

earlier today a surprising announcement came from the new full-dicklosure moderators. according to the announcement titled “cheap pr0n, we believe in it!”, the well known cestpool spammers list full-disklosure is undergoing facial reconstruction following their synergy with senunia.
“the first step in implementing the new changes is by making sure advisories will be sent to subscribers at the very least, 200 times. then, to ensure delivery, we will send it 100 more times”. other enhancements as reported by the new moderator, kiddiescript. “the list was recently declared pg-13. we don’t have the word ‘fuck’ on our posts, so we were able to dodge the x rating. shit, i guess we lost that now”.
in response to kiddie’s appointment, the old moderation crew went to their local pub.

the renowned researcher dave aitel said to us in an interview: “what? who told them about my latest gay shit 0day overflow?! it was to be used in the next super secret nsa worm!”

many other self-proclaimed security researchers also showed their amazement with this revolution “how will we get our pr0n now?! well, at least i hope they will revive the old guillotine” said the microsn0t msrc director.

in a press conference this afternoon, gadi evron, another self-proclaimed “expert” said: “i thank the committee for choosing me as the best fd spammer for the year of 2006 but i cannot accept this reward, as i believe i can do even better by the year’s end!”

in shocking surprise (or was it a surprising shock?), the us army remote viewing and psy-ops division came out with the following prediction:
“in the following weeks, there will be several email threads dominating the mailing list, starting with “sunshine sucks”, going through “yeah, we already knew dave sucks” and ending with an extremely unexpected thread on the moderation of the mailing list. the corps is mother. the corps is father. trust the corps.”

and now for the “facts”:
massive mail bombing hit the full-disclosure mailing list this morning. joe jobbing many known security professionals and vendors such as ilja van sprundel, gadi evron and idefense labs, forging their email addresses to send fake advisories declaring vulnerabilities in isc bind, sourcefire snort, microsoft products, vmware, “immunity dave aitel” and other applications.

as one of our readers put it:
“i’ve been trying to unsubscribe all morning, the server must be over-loaded relaying spam!”

the mail bomb is done from one machine:

received: from www.c0replay.net (unknown [])
by lists.grok.org.uk (postfix) with esmtp id 3bf512123
for ;
sun, 12 mar 2006 07:27:17 +0000 (gmt)

www.c0replay.net, according to another reader, has interesting open ports. the server however is “known” according to some to serve a kiddies group.

arin whois information:

rtechhandle: du24-arin
rtechname: unfried, david
rtechphone: +1-909-727-5045
rtechemail: dru@linkline.com

orgabusehandle: linkl-arin
orgabusename: linkline communications
orgabusephone: +1-909-972-7118
orgabuseemail: abuse@linkline.com

orgnochandle: lcn3-arin
orgnocname: linkline communications noc
orgnocphone: +1-909-972-7118
orgnocemail: noc@linkline.com

orgtechhandle: mb1596-arin
orgtechname: benzakein, marc a
orgtechphone: +1-909-972-7111
orgtechemail: mbenz@linkline.com

(got anything to tell ren&stimpy? email us: rennstimpy@securiteam.com)

  • Moike

    I’m surprised that a list as large as FD doesn’t even have an administrator checking it at least once per day. They could kill this one easily by blocking submissions from the source IP. While that would probably drive the kiddies to submit from a botnet, that would buy FD some time to get a moderator to step in when necessary.

  • http://www.grok.org.uk/ John Cartwright

    It does, I did… cleaning up whilst still maintaining active service is not fun, however.

  • sunshine

    Yeah, the current FD moderators may refuse to moderate it – and that is their right – “Full-Disclosure, we believe in it.”. That is commendable even if I personally don’t agree with it when it makes lives impossible. They are amazing guys, too bad the world if full of trolls.