thats some crazy stuff in the security lists
chuks, I just read the thread regarding the kplc site, including the threats... Wooaaa! Me now knows not to host locally until SPs get it right. How bad is the situation on security on the kenyan www? And are critical sectors like banking, emergency services etc all upto date or do they not listen? Which reminds me, I need to query the bank about its security plans when they offer email statements and online banking. I think without such info, there is no need for people to offer e-services if there are many exploits that soften the systems. You seem to be better position to discuss this.
Personally i think its childish to waste time name calling and issuing threats when you are unable to protect your systems. First reason you exist as a security guy is those same people you are insulting. On this one im with the unknown heroes like root@bsd et al. On 8/10/09, aki <aki275@googlemail.com> wrote:
chuks, I just read the thread regarding the kplc site, including the threats... Wooaaa! Me now knows not to host locally until SPs get it right. How bad is the situation on security on the kenyan www? And are critical sectors like banking, emergency services etc all upto date or do they not listen?
Which reminds me, I need to query the bank about its security plans when they offer email statements and online banking. I think without such info, there is no need for people to offer e-services if there are many exploits that soften the systems.
You seem to be better position to discuss this.
-- Its Possible! http://www.itspossible.afraha.com Collins Areba Omwoyo +254 735 824872 / +254 720 516758 arebacollins[at]gmail[dot]com
@Areba, by threats I meant this thread on the security lists. http://lists.my.co.ke/pipermail/security/2009-August/000543.html Seems the security thing is some crazy stuff.
Not many Kenyans do understand the importance of Info-security and they ignore it as long as machines are running and so is business, and what is happening in seclist is what happens when hackers and security guys start hating on each other. Yes we have been at war with r00t@bsd guys, all over and over again. Back in 2005 there was such a greater fight than the one going on right now. The last post by some cop, shows we have people listening in Govt, so infosec guys need to be careful, blackhats and script kiddles too. Organizations need to know we are in new era of technology and information, hacking, information leaking, Business espionage and others are real. They need to protect their clients wherever possible. ./Chuks On 8/11/09, Areba Collins <arebacollins@gmail.com> wrote:
Personally i think its childish to waste time name calling and issuing threats when you are unable to protect your systems. First reason you exist as a security guy is those same people you are insulting. On this one im with the unknown heroes like root@bsd et al.
On 8/10/09, aki <aki275@googlemail.com> wrote:
chuks, I just read the thread regarding the kplc site, including the threats... Wooaaa! Me now knows not to host locally until SPs get it right. How bad is the situation on security on the kenyan www? And are critical sectors like banking, emergency services etc all upto date or do they not listen?
Which reminds me, I need to query the bank about its security plans when they offer email statements and online banking. I think without such info, there is no need for people to offer e-services if there are many exploits that soften the systems.
You seem to be better position to discuss this.
-- Its Possible! http://www.itspossible.afraha.com
Collins Areba Omwoyo +254 735 824872 / +254 720 516758 arebacollins[at]gmail[dot]com _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer@inbox.com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/
really funny coz none of those people appear to really know what they are saying/doing. -the hackers think they are cool by defacing websites (usually done by excited newbies probably got their first computer no so long ago and needs to demonstrate to their peers how far they advanced with their new found skills, maybe in college doing their first degree). Will get bored when they meet girls and discover how uncool their new found skills are. -the supposed govt agents dont talk so educated at all. you dont tip off potential suspects at all instead you lay a trap for them to further your case. As for the govt supercomputers..hahaha even if they monitor isp traffic it wud take them years to decrypt some of the common encryption schemes employed by most internet applications(esp. financial apps) and same applies to the hackers. most of the websites are simply defaced due to ignorance and incompetence by the admins and not coz of the really "great skillz" of the hacker. and anyway most local websites are formalities (never get updated and the admins hardly know when they are down or defaced) On 8/11/09, Gichuki John Chuksjonia <chuksjonia@gmail.com> wrote:
Not many Kenyans do understand the importance of Info-security and they ignore it as long as machines are running and so is business, and what is happening in seclist is what happens when hackers and security guys start hating on each other.
Yes we have been at war with r00t@bsd guys, all over and over again. Back in 2005 there was such a greater fight than the one going on right now.
The last post by some cop, shows we have people listening in Govt, so infosec guys need to be careful, blackhats and script kiddles too.
Organizations need to know we are in new era of technology and information, hacking, information leaking, Business espionage and others are real. They need to protect their clients wherever possible.
./Chuks
On 8/11/09, Areba Collins <arebacollins@gmail.com> wrote:
Personally i think its childish to waste time name calling and issuing threats when you are unable to protect your systems. First reason you exist as a security guy is those same people you are insulting. On this one im with the unknown heroes like root@bsd et al.
On 8/10/09, aki <aki275@googlemail.com> wrote:
chuks, I just read the thread regarding the kplc site, including the threats... Wooaaa! Me now knows not to host locally until SPs get it right. How bad is the situation on security on the kenyan www? And are critical sectors like banking, emergency services etc all upto date or do they not listen?
Which reminds me, I need to query the bank about its security plans when they offer email statements and online banking. I think without such info, there is no need for people to offer e-services if there are many exploits that soften the systems.
You seem to be better position to discuss this.
-- Its Possible! http://www.itspossible.afraha.com
Collins Areba Omwoyo +254 735 824872 / +254 720 516758 arebacollins[at]gmail[dot]com _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer@inbox.com
{FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
@aki i meant the discussions, i think instead of fighting in public, let the so called hackers hack and let the self proclaimed big brother catch them if they can. The relationship between them in my opinion is symbiotic, each one needs the other. On 8/10/09, Jacob Ayienda <jacobayienda@gmail.com> wrote:
really funny coz none of those people appear to really know what they are saying/doing.
-the hackers think they are cool by defacing websites (usually done by excited newbies probably got their first computer no so long ago and needs to demonstrate to their peers how far they advanced with their new found skills, maybe in college doing their first degree). Will get bored when they meet girls and discover how uncool their new found skills are.
-the supposed govt agents dont talk so educated at all. you dont tip off potential suspects at all instead you lay a trap for them to further your case. As for the govt supercomputers..hahaha even if they monitor isp traffic it wud take them years to decrypt some of the common encryption schemes employed by most internet applications(esp. financial apps) and same applies to the hackers.
most of the websites are simply defaced due to ignorance and incompetence by the admins and not coz of the really "great skillz" of the hacker. and anyway most local websites are formalities (never get updated and the admins hardly know when they are down or defaced)
On 8/11/09, Gichuki John Chuksjonia <chuksjonia@gmail.com> wrote:
Not many Kenyans do understand the importance of Info-security and they ignore it as long as machines are running and so is business, and what is happening in seclist is what happens when hackers and security guys start hating on each other.
Yes we have been at war with r00t@bsd guys, all over and over again. Back in 2005 there was such a greater fight than the one going on right now.
The last post by some cop, shows we have people listening in Govt, so infosec guys need to be careful, blackhats and script kiddles too.
Organizations need to know we are in new era of technology and information, hacking, information leaking, Business espionage and others are real. They need to protect their clients wherever possible.
./Chuks
On 8/11/09, Areba Collins <arebacollins@gmail.com> wrote:
Personally i think its childish to waste time name calling and issuing threats when you are unable to protect your systems. First reason you exist as a security guy is those same people you are insulting. On this one im with the unknown heroes like root@bsd et al.
On 8/10/09, aki <aki275@googlemail.com> wrote:
chuks, I just read the thread regarding the kplc site, including the threats... Wooaaa! Me now knows not to host locally until SPs get it right. How bad is the situation on security on the kenyan www? And are critical sectors like banking, emergency services etc all upto date or do they not listen?
Which reminds me, I need to query the bank about its security plans when they offer email statements and online banking. I think without such info, there is no need for people to offer e-services if there are many exploits that soften the systems.
You seem to be better position to discuss this.
-- Its Possible! http://www.itspossible.afraha.com
Collins Areba Omwoyo +254 735 824872 / +254 720 516758 arebacollins[at]gmail[dot]com _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer@inbox.com
{FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- Its Possible! http://www.itspossible.afraha.com Collins Areba Omwoyo +254 735 824872 / +254 720 516758 arebacollins[at]gmail[dot]com
First we had Philip who suggested Doom, Wolf for a 5 year old and now Jacob....lmfao! :-) On Tue, Aug 11, 2009 at 7:30 PM, Jacob Ayienda <jacobayienda@gmail.com>wrote:
..............................Will get bored when they meet girls and discover how uncool their new found skills are..........................................
-- Sign on my car is " L " plates : c#.net
participants (4)
-
aki -
Areba Collins -
Gichuki John Chuksjonia -
Jacob Ayienda