Prev: INNOBATE AntiVirus Basic product update
Next: Came across this list of e-mail user accounts and password hashes
From: Virus Guy on 8 Mar 2010 08:49
Anyone want to comment on the technical accuracy / execution of this
website:

http://bcheck.scanit.be/bcheck/

I'm looking for 2 answers:

1) are the tests designed and executed correctly to simulate the browser
exploits being tested for?

2) what fraction of all possible (all known) drive-by exploits are
represented by these tests?

Is anyone in a position to test, say, an unpatched XP-SP1 or SP2
installation?
From: Virus Guy on 8 Mar 2010 09:29
ASCII wrote:

> I have XP home SP2, isn't the Service Pack considered a patch?
>
> I ran all the tests and no vulns were detected here.

Is your system fully patched?

What I meant was, does anyone have a machine in a "virgin" XP-SP1 or SP2
state where some of these vulnerabilities are not patched.
From: Dustin Cook on 12 Mar 2010 05:08
Virus Guy <Virus(a)Guy.com> wrote in news:4B950071.38B52A5C(a)Guy.com:

> Anyone want to comment on the technical accuracy / execution of this
> website:
>
> http://bcheck.scanit.be/bcheck/
>
> I'm looking for 2 answers:
>
> 1) are the tests designed and executed correctly to simulate the browser
> exploits being tested for?
>
> 2) what fraction of all possible (all known) drive-by exploits are
> represented by these tests?
>
> Is anyone in a position to test, say, an unpatched XP-SP1 or SP2
> installation?
>

I'm just curious, at what point will you do any of the research for your
questions on your own; and possibly share what you find? Instead of asking
people here and in other forums to do it all for you? You really won't
(obviously) learn much if others have to keep explaining things to you.


--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge
this boulder right down a cliff." - Goblin Warrior

From: Virus Guy on 12 Mar 2010 09:31
Dustin Cook wrote:

> > Anyone want to comment on the technical accuracy / execution of
> > this website:
> >
> > http://bcheck.scanit.be/bcheck/
> >
> > Is anyone in a position to test, say, an unpatched XP-SP1 or SP2
> > installation?
>
> I'm just curious, at what point will you do any of the research for
> your questions on your own;

If I was already a user of a system with virtualization capability it
would be easier for me to simulate platforms with known unpatched
vulnerabilities and hence I would have my answer. Since I don't have a
system with virtualization capability, I figured there would be no harm
in putting forward this question to this community.

Why are you taking my post so bluntly? What exactly do you have against
people asking questions on usenet? Is that a foreign concept for you?

Should I have not mentioned that site here?

Should I have not invited discussion as to the operational merits of the
facility being offered by that site?

Should I have not asked here if others can test the functional accuracy
of that site?

> and possibly share what you find? Instead of asking people
> here and in other forums to do it all for you?

What the hell kind of attitude is that?

Where do you get off that I want to sit back and let others do all the
work?

If you were to look back at my posts here, you'd see plenty of evidence
of what I investigate and post the results of. When there are things I
can't do (or do easily) why does it offend you if I ask if others might
be interested enough to try it?

> You really won't (obviously) learn much if others have to
> keep explaining things to you.

What you're saying is that nobody should ever ask a question, and nobody
should ever explain something to someone else. Not here, not in usenet,
maybe not even in a classroom. Because if they ask, then they'll never
learn. Just what is the nature of learning then?

So what should be posted to these newsgroups, if not questions?

What does that leave?

If you don't want to discuss that web-browser test site, then fine, you
didn't have to post a reply.

That you posted a reply that is just abusive says a lot about your
character.
From: George Orwell on 13 Mar 2010 04:57

"Virus Guy" wrote:
> Should I have not asked here if others can test the functional accuracy
> of that site?

What you should have asked is if you could stick your finger up ASCII's bum.

On second thoughts, ASCII's answer would be a resounding "Yes", making the
question moot and possibly generating further disapproving comments from
the group, so perhaps it was better left un-asked.

There is no need to wait for an invitation, by the way. ASCII's bum is always
primed and ready for a good hard male-to-male prostate stimuation session.



Il mittente di questo messaggio|The sender address of this
non corrisponde ad un utente |message is not related to a real
reale ma all'indirizzo fittizio|person but to a fake address of an
di un sistema anonimizzatore |anonymous system
Per maggiori informazioni |For more info
https://www.mixmaster.it

 | 
Pages: 1
Prev: INNOBATE AntiVirus Basic product update
Next: Came across this list of e-mail user accounts and password hashes