eric@lucii.org on 2 Aug 2004 11:52:03 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Pasting log and configuration files verbatim (was: what's this?)


On Sun, Aug 01, 2004 at 07:17:43PM -0400, kaze wrote:
> --> Not to single you out, but generally speaking it would be very much
> --> appreciate when pasting log and configuration file snippets if they
> --> were pasted verbatim.  In this particular case, half of the data you
> --> munged -- your IP address -- is easily obtainable simply by looking
> --> at the Received: lines of your post:
> -->
> --> 	Received: from lucii.dnsalias.org ([68.34.167.232])
> --> 		  by comcast.net (sccrmhc13) with SMTP
> -->
> --> -mct
> 
> Agreed, it is annoying to troubleshoot with munged data. The reason I did/am
> on the "BIND zone oddity causing SendMail 451 Name server timeout errors?"
> thread is that Googling on the (pre-munged) domain name in the future would
> get hits from the PLUG archive and I thought better safe than sorry insofar
> as IANAL stuff. Basically it was a call I made to protect myself and my
> client, and I think I munged okay. For my own home stuff, for example, I've
> just posted it verbatim.
> 
> - Zake

On a curiously related note I just ran across this:

http://isc.incidents.org/diary.php?date=2004-07-30&isc=b4055434dd2bc56dabb256266b3ee08a

--> Why the Internet is Like an Elephant (Personal Ramblings of a Handler)
--> 
--> Keep an eye on the information you make publicly available on the
--> Internet. Usenet messages that describe your network in a firewall
--> configuration question, job posts with position requirements that
--> reveal the research your organization is doing, personal home
--> pages with data that can be used to impersonate you or your
--> friends... These tid-bids of information easily slip through our
--> mental safety filters, but can come to haunt us years after they
--> were posted on the Net.
--> 
--> Traditional search engines are quite effective at aiding attackers
--> in finding such historical information. Furthermore, data
--> processing services such as Eliyon allow anyone who can type to
--> profile an individual or a company using publicly available
--> information in no time: http://networking.eliyon.com/
--> 
--> Eliyon is an interesting service because it uses clever techniques
--> for parsing Web pages to automatically build a profile about a
--> person, as well as about companies affiliated with the person.
--> Eliyon, much like Google, keeps a cache of relevant Web pages,
--> making the information available even after the original source
--> disappears.
--> 
--> Also, consider the wealth of information that an attacker can
--> gather by tapping into social networking sites such as Friendster
--> and Orkut, either manually, or with the aid of automated data
--> collection tools. Social networking sites have a small
--> neighborhood feel that makes the participants comfortable with
--> revealing lots of personal data. After all, the more information
--> one reveals, the greater the likelihood that someone will find his
--> or her profile attractive for a job or a companionship offer. All
--> in all, this is a social engineer's goldmine.
--> 
--> I'm not advocating information-release paranoia, but I do suggest
--> considering long-term effects of the data you make publicly
--> available about yourself, your friends, or your company. Remember
--> that the Internet, much like an elephant, never forgets.
--> 
--> Lenny Zeltser
--> ISC Handler on Duty
--> www.zeltser.com
--> 

Eric
-- 
#  Eric Lucas
#     "Oh, I have slipped the surly bond of earth
#      And danced the skies on laughter-silvered wings...
#                             -- John Gillespie Magee Jr.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug