SQL Injection Attack Infects Thousands of Websites - Linux

This is a discussion on SQL Injection Attack Infects Thousands of Websites - Linux ; -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 11 Jan 2008 12:35:35 -0500, Erik Funkenbusch wrote: > So in other words, you now claim the right to say anything about anyone > without any evidence to back it up, and ...

+ Reply to Thread
Page 2 of 2 FirstFirst 1 2
Results 21 to 28 of 28

Thread: SQL Injection Attack Infects Thousands of Websites

  1. Re: SQL Injection Attack Infects Thousands of Websites

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Fri, 11 Jan 2008 12:35:35 -0500,
    Erik Funkenbusch wrote:

    > So in other words, you now claim the right to say anything about anyone
    > without any evidence to back it up, and expect people to believe you.
    >


    reading *you* of all people complain about someone else not providing
    evidence for their claims is amusing at the very least. Very much a case
    of pot calling kettle black.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQFHh8vKd90bcYOAWPYRAip0AKDb+dNoZY9Jk9JyIagzbq dRgBefegCgikuQ
    OLYF3IWikjcHhKURw9GRhNM=
    =1uWV
    -----END PGP SIGNATURE-----

    --
    Jim Richardson http://www.eskimo.com/~warlock
    To believe in gun control, one has to believe that guns are not an
    effective means of self-defense, which is why police carry them.

  2. Re: SQL Injection Attack Infects Thousands of Websites

    Erik Funkenbusch wrote:

    > On Fri, 11 Jan 2008 17:21:22 +0100, Peter Köhlmann wrote:
    >
    >> Erik Funkenbusch wrote:
    >>
    >>> On Fri, 11 Jan 2008 09:36:37 +0100, Peter Köhlmann wrote:
    >>>
    >>>> Erik Funkenbusch wrote:
    >>>>
    >>>>> On Thu, 10 Jan 2008 11:59:54 +0100, Peter Köhlmann wrote:
    >>>>>
    >>>>>> How come that Erik Funkenbusch tells us that there are no security
    >>>>>> holes for IIS?
    >>>>>
    >>>>> I don't know. Since I never said that, it would be kind of odd.
    >>>>>
    >>>>>> And this report tells us that there are
    >>>>>
    >>>>> No, it doesn't. It says that applications running under IIS have a
    >>>>> common flaw that affects every web server that provides some form of
    >>>>> programmability, short of having a sanitizing firewall in front of it.
    >>>>>
    >>>>> I've said that IIS6 has not had any critical flaws so far in it's 5
    >>>>> year
    >>>>> existence. I've said that Apache has had numerous critical flaws in
    >>>>> that same timeframe.
    >>>>>
    >>>>> What I have not said is that IIS has no flaws, nor have I said that
    >>>>> applications running under IIS cannot have flaws.
    >>>>>
    >>>>> Why are you lying aboout what i've said?
    >>>>
    >>>> I don't, because you did
    >>>
    >>> Stellar comeback there.
    >>>
    >>> "I'm rubber and you're glue"
    >>>
    >>> What are you? 10?
    >>>
    >>> Provide a reference.

    >>
    >> No. You are by now held to the "flatfish standard". That is, *no*
    >> references if demanded. Deny it all you want, you *did* say so. You did
    >> claim that there were no such problems with IIS. You often mentioned how
    >> bad Apache compares with IIS.

    >
    > So in other words, you now claim the right to say anything about anyone
    > without any evidence to back it up, and expect people to believe you.


    No. *Certain* people. Filth like you, flatfish, Hadron Quark
    You guys are not worth any links at all

    < snip >
    --
    Windows isn't unstable. It's spontaneous.


  3. Re: SQL Injection Attack Infects Thousands of Websites

    On Fri, 11 Jan 2008 21:06:41 +0100, Peter Khlmann wrote:

    >> So in other words, you now claim the right to say anything about anyone
    >> without any evidence to back it up, and expect people to believe you.

    >
    > No. *Certain* people. Filth like you, flatfish, Hadron Quark
    > You guys are not worth any links at all
    >
    > < snip >


    Once again, Peter. You made the claim, entirely out of the blue. You
    claim I said something, yet you refuse to cite such a claim.

    This isn't me saying something and you refusing to believe me. This is YOU
    saying something, and pretending you can just make up anything you want.

  4. Re: SQL Injection Attack Infects Thousands of Websites

    Erik Funkenbusch writes:

    > On Fri, 11 Jan 2008 21:06:41 +0100, Peter Köhlmann wrote:
    >
    >>> So in other words, you now claim the right to say anything about anyone
    >>> without any evidence to back it up, and expect people to believe you.

    >>
    >> No. *Certain* people. Filth like you, flatfish, Hadron Quark
    >> You guys are not worth any links at all
    >>
    >> < snip >

    >
    > Once again, Peter. You made the claim, entirely out of the blue. You
    > claim I said something, yet you refuse to cite such a claim.
    >
    > This isn't me saying something and you refusing to believe me. This is YOU
    > saying something, and pretending you can just make up anything you
    > want.


    He's not pretending anything. He *IS* making things up as he goes
    along. Like most of the COLA "advocates" he attacks the man and not the
    issues. Prime examples of this cranky behaviour include

    1) Disagreeing with Andrew Morton about a swap files performance being
    on a par with a dedicated partition, and

    2) He plumbed new depths, even for a German, in stupidity and inability
    to think outside of the box when he proclaimed that it was "OK" to
    publicise ones WPA key!

    Incredible I know, but true nonetheless. The mind boggles.

  5. Re: SQL Injection Attack Infects Thousands of Websites

    Erik Funkenbusch wrote:

    > On Fri, 11 Jan 2008 21:06:41 +0100, Peter Köhlmann wrote:
    >
    >>> So in other words, you now claim the right to say anything about anyone
    >>> without any evidence to back it up, and expect people to believe you.

    >>
    >> No. *Certain* people. Filth like you, flatfish, Hadron Quark
    >> You guys are not worth any links at all
    >>
    >> < snip >

    >
    > Once again, Peter. You made the claim, entirely out of the blue. You
    > claim I said something, yet you refuse to cite such a claim.


    Poor Erik

    > This isn't me saying something and you refusing to believe me.


    Right. I would refuse to believe you if you claimed that "2+2=4"

    > This is YOU saying something, and pretending you can just make up anything
    > you want.


    No. I simply refuse to provide *you* (and it is *you* specifically) with any
    proof at all. Not just when I write about your claims. Proof you might
    demand for *anything* I write. You, like flatfish, will never again get
    *any* proof from me, even if you ask "nicely".

    You are one of the most dishonest, worst liars ever on usenet. Live with it.
    You brought it about yourself. You simply can't post honestly. Now you get
    treated accordingly. You aren't worth any proof, not even very simple to
    provide ones
    --
    You're not my type. For that matter, you're not even my species


  6. Re: SQL Injection Attack Infects Thousands of Websites

    Hadron wrote:

    > Erik Funkenbusch writes:
    >
    >> On Fri, 11 Jan 2008 21:06:41 +0100, Peter Köhlmann wrote:
    >>
    >>>> So in other words, you now claim the right to say anything about anyone
    >>>> without any evidence to back it up, and expect people to believe you.
    >>>
    >>> No. *Certain* people. Filth like you, flatfish, Hadron Quark
    >>> You guys are not worth any links at all
    >>>
    >>> < snip >

    >>
    >> Once again, Peter. You made the claim, entirely out of the blue. You
    >> claim I said something, yet you refuse to cite such a claim.
    >>
    >> This isn't me saying something and you refusing to believe me. This is
    >> YOU saying something, and pretending you can just make up anything you
    >> want.

    >
    > He's not pretending anything. He *IS* making things up as he goes
    > along. Like most of the COLA "advocates" he attacks the man and not the
    > issues. Prime examples of this cranky behaviour include
    >
    > 1) Disagreeing with Andrew Morton about a swap files performance being
    > on a par with a dedicated partition, and
    >
    > 2) He plumbed new depths, even for a German, in stupidity and inability
    > to think outside of the box when he proclaimed that it was "OK" to
    > publicise ones WPA key!
    >
    > Incredible I know, but true nonetheless. The mind boggles.


    Poor Hadron. Lying two times in two claims in just one post

    As you are such a proponent to "provide proof", you will naturally hurry to
    post the Msg-IDs of these claims, right?

    Or is it suddenly that you will "provide proof only for certain people",
    Hadron Quark, "true linux advocate" par excellence?
    --
    Tact, n.:
    The unsaid part of what you're thinking.


  7. Re: SQL Injection Attack Infects Thousands of Websites

    On Thu, 10 Jan 2008 11:42:54 +0100, OK wrote:
    >On Thu, 10 Jan 2008 09:40:36 +0100, Peter Khlmann
    > wrote:


    >>http://www.modsecurity.org/blog/
    >>
    >>Well, well
    >>
    >>Didn't Erik F tell us just lately that there are no security holes for IIS?
    >>
    >>And don't the wintrolls fall over themselves asserting that they browse
    >>completely secure because they use "AV" (that fairy dust potion which
    >>averts "malware")


    >"Long-Term Fix: Correct the Code


    >Web Developers should identify and correct any Input Validation errors
    >in their code"


    >Nuff said, you idiot.


    You blithering moron. It isn't up to the application developers to protect
    the system software.

  8. Re: SQL Injection Attack Infects Thousands of Websites

    On Sat, 12 Jan 2008 00:30:21 -0000, AZ Nomad wrote:

    > On Thu, 10 Jan 2008 11:42:54 +0100, OK wrote:
    >>On Thu, 10 Jan 2008 09:40:36 +0100, Peter Khlmann
    >> wrote:

    >
    >>>http://www.modsecurity.org/blog/
    >>>
    >>>Well, well
    >>>
    >>>Didn't Erik F tell us just lately that there are no security holes for IIS?
    >>>
    >>>And don't the wintrolls fall over themselves asserting that they browse
    >>>completely secure because they use "AV" (that fairy dust potion which
    >>>averts "malware")

    >
    >>"Long-Term Fix: Correct the Code

    >
    >>Web Developers should identify and correct any Input Validation errors
    >>in their code"

    >
    >>Nuff said, you idiot.

    >
    > You blithering moron. It isn't up to the application developers to protect
    > the system software.


    What does that have to do with what we're discussing?

+ Reply to Thread
Page 2 of 2 FirstFirst 1 2