
Re: [cobalt-users] RISKY BUSINESS



> You know, I see poor souls getting hacked in here all the time. It's almost
> like they're missing the ugly simple truth:

Actually Rob, I think you're the one missing the ugly simple truth:
being on this list is one of the most sure-fire ways to bring
attention to yourself and the vulnerabilities of your server.

Anyone can sign up for this list, with no proof as to whether they
own/lease a Cobalt or not. We've got a handful of active posters, have
you any idea how many subscribers there are who simply read the list
and don't post? Now, how many of those lurkers are script kiddies (or
worse), just waiting for someone to post their IP address or admit
that they've got some serious problem that needs attention?

How many times have you seen someone post that they really needed
help, and then soon afterward were reporting that they were haqd? I've
seen it tons of times, it's frightening.

Yes, the services that you run are an important part of why you get
haqd. If you don't keep up with updates and patches, eventually
someone doing a scan will find you and come calling. But why should
haqqers go to the trouble of running scans when all they have to do is
filter this mailing list for specific words - and then trace down the
person's domain name, name servers, IP address? It's much easier. They
*know* that the people on this list have Cobalts, they are usually
told right in the post what the person is running and whether or not
they've been patched up sufficiently - it's like free cake at a party
you've snuck into.

It's not that admins on this list who actually do web hosting allow
their customers to upload files - it's that the admins post letters to
this list and call attention to themselves.

CarrieB