SecurityFocus
Maintainers of the Bugtraq mailing list.
Friday, October 13, 2000
Security mailing Lists
The following FAQ is a comprehensive list of security mailing lists. These security mailing lists are important tools to network administrators, network security officers, security consultants, and anyone who needs to keep abreast of the most current security information available.
The following FAQ is a comprehensive list of security mailing lists. These security mailing lists are important tools to network administrators, network security officers, security consultants, and anyone who needs to keep abreast of the most current security information available.
COAST Hotlist: Computer Security, Law and Privacy
The COAST archive at Purdue is probably the most complete archive of security-related links on the Internet. If it has to do with security, it's probably in the COAST archive.
The COAST archive at Purdue is probably the most complete archive of security-related links on the Internet. If it has to do with security, it's probably in the COAST archive.
How to Write Secure Code
In the process of writing and auditing our code, we've become increasingly upset at the lack of documentation about writing secure code. To try and fix that, and hopefully make your life easier in the process, we've compiled a list of resources we've stumbled across.
In the process of writing and auditing our code, we've become increasingly upset at the lack of documentation about writing secure code. To try and fix that, and hopefully make your life easier in the process, we've compiled a list of resources we've stumbled across.
The Linux Internet Server Administration Guide
How to build a safe Linux Server. Highly recommended reading, including for Linux newbies.
How to build a safe Linux Server. Highly recommended reading, including for Linux newbies.
Ex-NSA expert warns of concealed backdoors
Ex-spook believes that software backdoors are out there, fuelling conspiracy theories
Ex-spook believes that software backdoors are out there, fuelling conspiracy theories
Linux Encryption HOWTOHow to set up a Linux 2.2 system to use encryption in both disk and network accesses. This document describes how you can use the International Kernel Patch and other packages to make harddisk contents and network traffic inaccessible to others by encrypting them.
Ex-CIA chief compromised secrets
Former CIA Director John Deutch compromised some of the most sensitive defense programs by improperly transferring data about ultrasecret Pentagon programs to computers he used to send e-mail and access the Internet, The Washington Times has learned.
Former CIA Director John Deutch compromised some of the most sensitive defense programs by improperly transferring data about ultrasecret Pentagon programs to computers he used to send e-mail and access the Internet, The Washington Times has learned.
Thursday, October 12, 2000
PGP Freeware
Download the PGP freeware edition US Strenght, eventhough you're outside the USA (thanks to Anonymiser)
Download the PGP freeware edition US Strenght, eventhough you're outside the USA (thanks to Anonymiser)
The Gaul Mysteries
In 1974, the Hull trawler Gaul sank with all hands in the Barents Sea off the North Cape. A quarter of a century on, how and why she sank remains a mystery. She had been spying for British intelligence against the Soviet Northern Fleet. But did the Russians sink her?
In 1974, the Hull trawler Gaul sank with all hands in the Barents Sea off the North Cape. A quarter of a century on, how and why she sank remains a mystery. She had been spying for British intelligence against the Soviet Northern Fleet. But did the Russians sink her?
Cryptome
This website keeps track of security related information and encryption. Definately a 'must read' website.
This website keeps track of security related information and encryption. Definately a 'must read' website.
US Frequency Allocation Chart
This chart displays the US Frequency Allocation.
Source: TSCM Mailing list.
This chart displays the US Frequency Allocation.
Source: TSCM Mailing list.
How we Cracked the Code Book Ciphers
A couple of Swedish guys broke the code challenge (see CODEBOOK for details. Great reading!
A couple of Swedish guys broke the code challenge (see CODEBOOK for details. Great reading!
Wednesday, October 11, 2000
Ad-Adware
Ad-Aware now includes the detection and removal of Web3000, Gator, Cydoor, Radiate\Aureate, Flyswat, Conducent\TimeSink and CometCursor (1.0 and 2.0).
This program (freeware) removes so-called 'spy-ware' from your Windows PC. Just try it and you'll be amazed what is found on your PC...
Ad-Aware now includes the detection and removal of Web3000, Gator, Cydoor, Radiate\Aureate, Flyswat, Conducent\TimeSink and CometCursor (1.0 and 2.0).
This program (freeware) removes so-called 'spy-ware' from your Windows PC. Just try it and you'll be amazed what is found on your PC...
kim-spy: Intelligence and CounterIntelligence
This site has a huge collection of links. It's incredible. Go check it out!
This site has a huge collection of links. It's incredible. Go check it out!
LOCATE MISSING PERSONS - INVESTIGATOR TRAINING
Interesting page with links to sites and tips on how to locate missing persons in the USA.
Interesting page with links to sites and tips on how to locate missing persons in the USA.
Zone Alarm
ZoneAlarm delivers powerful new features and comprehensive Internet security for all users of always-on Internet-connected PCs, whether in a small business office or home setting, and whether using an individual or networked PC.
ZoneAlarm is compatible with Windows 95/98/Me/NT/2000.
ZoneAlarm delivers powerful new features and comprehensive Internet security for all users of always-on Internet-connected PCs, whether in a small business office or home setting, and whether using an individual or networked PC.
ZoneAlarm is compatible with Windows 95/98/Me/NT/2000.
Army Counterintelligence Online
Army Counterintelligence Online is an unofficial web portal for the Army Counterintelligence Discussion Group
Mailing List (ACIDG-L).
With the exception of the ACIDG-L and ACIDG-Lite mailing lists, all resources at this site are open to the public. All information presented on this site is from the public domain and is unclassified.
Army Counterintelligence Online is an unofficial web portal for the Army Counterintelligence Discussion Group
Mailing List (ACIDG-L).
With the exception of the ACIDG-L and ACIDG-Lite mailing lists, all resources at this site are open to the public. All information presented on this site is from the public domain and is unclassified.
Interesting Site "Onkruit"
A Dutch action group called 'Onkruid' (weed) has seized documents about the nuclair arms that are present on the American base 'Volkel' in the Netherlands. Website is in Dutch.
A Dutch action group called 'Onkruid' (weed) has seized documents about the nuclair arms that are present on the American base 'Volkel' in the Netherlands. Website is in Dutch.
Interesting article "Mitnick: ‘Everybody is suspect’"
Infamous hacker Kevin Mitnick warned IT managers Wednesday that unless they educate every employee — from the CEO to the receptionist — about how hackers work and how to bolster security, corporate networks and Web sites will never be safe from attack.
Source: TSCM Mailing List
Infamous hacker Kevin Mitnick warned IT managers Wednesday that unless they educate every employee — from the CEO to the receptionist — about how hackers work and how to bolster security, corporate networks and Web sites will never be safe from attack.
Source: TSCM Mailing List
Interesting article "Freedom Ship 'will be target for terrorists' "
Experts warn of crime wave, security crackdown and danger of hostage-taking on mile-long vessel
Source: TSCM Mailing List
Experts warn of crime wave, security crackdown and danger of hostage-taking on mile-long vessel
Source: TSCM Mailing List
Interesting article "Beware The Security Zealot"
In a certain way, the "hunters" couldn't have been more different. Ex-hacker Chris Davis was responsible for cornering the Welsh teenage Curador - the 18-year-old computer security consultant turned computer criminal - who thought it was cool to snare credit cards from mom-and-pop Web sites and post them where all could see and admire his cunning. It took Davis two days to locate Curador's name, address and phone number.
Source: TSCM Mailing List
In a certain way, the "hunters" couldn't have been more different. Ex-hacker Chris Davis was responsible for cornering the Welsh teenage Curador - the 18-year-old computer security consultant turned computer criminal - who thought it was cool to snare credit cards from mom-and-pop Web sites and post them where all could see and admire his cunning. It took Davis two days to locate Curador's name, address and phone number.
Source: TSCM Mailing List
Microsoft
#include
#include
#include /* Microsoft Network Connectivity library */
#include /* For the court of law */
#define say(x) lie(x)
#define computeruser ALL_WANT_TO_BUY_OUR_BUGWARE
#define next_year soon
#define the_product_is_ready_to_shipanother_beta_version
void main()
{
if (latest_window_version>one_month_old)
{
if (there_are_still_bugs)
market(bugfix);
if (sales_drop_below_certain_point)
raise(RUMOURS_ABOUT_A_NEW_BUGLESS_VERSION);
}
while(everyone_chats_about_new_version)
{
make_false_promise(it_will_be_multitasking); /* Standard Call, in
lie.h */
if (rumours_grow_wilder)
make_false_promise(it_will_be_plug_n_play);
if (rumours_grow_even_wilder)
{
market_time=ripe;
say("It will be ready in one month);
order(programmers, stop_fixing_bugs_in_old_version);
order(programmers, start_brainstorm_about_new_version);
order(marketingstaff, permission_to_spread_nonsense);
vapourware=TRUE;
break;
}
}
switch (nasty_questions_of_the_worldpress)
{
case WHEN_WILL_IT_BE_READY:
say("It will be ready in", today+30_days," we're just testing");
break;
case WILL_THIS_PLUG_AND_PLAY_THING_WORK:
say("Yes it will work");
ask(programmers, why_does_it_not_work);
pretend(there_is_no_problem);
break;
case WHAT_ARE_MINIMAL_HARDWARE_REQUIREMENTS:
say("It will run on a 8086 with lightning speed due to"
" the 32 bits architecture");
inform(INTEL, "Pentium sales will rise skyhigh");
inform(SAMSUNG, "Start a new memorychip plant"
"'cos all those customers will need at least 32 megs");
inform(QUANTUM, "Thanks to our fatware your sales will triple");
get_big_bonus(INTEL, SAMSUNG, QUANTUM);
break;
case DOES_MICROSOFT_GET_TOO_MUCH_INFLUENCE:
say("Oh no, we are just here to make a better world for
everyone");
register(journalist, Big_Bill_Book);
when(time_is_ripe)
{
arrest(journalist);
brainwash(journalist);
when(journalist_says_windows95_is_bugfree)
{
order(journalist, "write a nice objective article");
release (journalist);
}
}
break;
}
while (vapourware)
{
introduction_date++; /* Delay */
if (no_one_believes_anymore_there_will_be_a_release)
break;
say("It will be ready in",today+ONE_MONTH);
}
release(beta_version)
while (everyone_is_dumb_enough_to_buy_our_bugware)
{
bills_bank_account += 150*megabucks;
release(new_and_even_better_beta_version);
introduce(more_memory_requirements);
if (customers_report_installation_problems)
{
say("that is a hardware problem, not a software problem");
if (smart_customer_says_but_you_promised_plug_and_play)
{
ignore(customer);
order(microsoft_intelligence_agency, "Keep an eye on this
bastard");
}
}
if ( bills_bank_account>skyhigh && marriage>two_years )
{
divorce(woman_that_was_beautiful_when_I_married_her);
wave(dollars, at_lusty_chicks);
marry(young_blond_virgin);
devirginize(young_blond_virgin);
dump(young_blond_virgin_with_big_boobies);
if (there_is_another_company)
{
steal(their_ideas);
accuse(company, stealing_our_ideas);
hire(a_lot_of_lawyers); /* in process.h */
wait(until_other_company_cannot_afford_another_lawsuit);
buy_out(other_company);
}
}
/* Now everyone realizes that we sell bugware and they are all angry at
us */
order(plastic_surgeon, make_bill_look_like_poor_bastard);
buy(nice_little_island); hire(harem);
laugh_at(everyone,
for_having_the_patience_year_after_year_for_another_unfinished_version);
}
void bugfix(void)
{
charge (a_lot_of_money)
if (customer_says_he_does_not_want_to_pay_for_bugfix)
say("It is not a bugfix but a new version");
if (still_complaints)
{
ignore(customer);
register(customer, big_Bill_book);
/* We'll get him when everyone uses Billware!!*/
}
}
#include
#include
#include
#include
#define say(x) lie(x)
#define computeruser ALL_WANT_TO_BUY_OUR_BUGWARE
#define next_year soon
#define the_product_is_ready_to_shipanother_beta_version
void main()
{
if (latest_window_version>one_month_old)
{
if (there_are_still_bugs)
market(bugfix);
if (sales_drop_below_certain_point)
raise(RUMOURS_ABOUT_A_NEW_BUGLESS_VERSION);
}
while(everyone_chats_about_new_version)
{
make_false_promise(it_will_be_multitasking); /* Standard Call, in
lie.h */
if (rumours_grow_wilder)
make_false_promise(it_will_be_plug_n_play);
if (rumours_grow_even_wilder)
{
market_time=ripe;
say("It will be ready in one month);
order(programmers, stop_fixing_bugs_in_old_version);
order(programmers, start_brainstorm_about_new_version);
order(marketingstaff, permission_to_spread_nonsense);
vapourware=TRUE;
break;
}
}
switch (nasty_questions_of_the_worldpress)
{
case WHEN_WILL_IT_BE_READY:
say("It will be ready in", today+30_days," we're just testing");
break;
case WILL_THIS_PLUG_AND_PLAY_THING_WORK:
say("Yes it will work");
ask(programmers, why_does_it_not_work);
pretend(there_is_no_problem);
break;
case WHAT_ARE_MINIMAL_HARDWARE_REQUIREMENTS:
say("It will run on a 8086 with lightning speed due to"
" the 32 bits architecture");
inform(INTEL, "Pentium sales will rise skyhigh");
inform(SAMSUNG, "Start a new memorychip plant"
"'cos all those customers will need at least 32 megs");
inform(QUANTUM, "Thanks to our fatware your sales will triple");
get_big_bonus(INTEL, SAMSUNG, QUANTUM);
break;
case DOES_MICROSOFT_GET_TOO_MUCH_INFLUENCE:
say("Oh no, we are just here to make a better world for
everyone");
register(journalist, Big_Bill_Book);
when(time_is_ripe)
{
arrest(journalist);
brainwash(journalist);
when(journalist_says_windows95_is_bugfree)
{
order(journalist, "write a nice objective article");
release (journalist);
}
}
break;
}
while (vapourware)
{
introduction_date++; /* Delay */
if (no_one_believes_anymore_there_will_be_a_release)
break;
say("It will be ready in",today+ONE_MONTH);
}
release(beta_version)
while (everyone_is_dumb_enough_to_buy_our_bugware)
{
bills_bank_account += 150*megabucks;
release(new_and_even_better_beta_version);
introduce(more_memory_requirements);
if (customers_report_installation_problems)
{
say("that is a hardware problem, not a software problem");
if (smart_customer_says_but_you_promised_plug_and_play)
{
ignore(customer);
order(microsoft_intelligence_agency, "Keep an eye on this
bastard");
}
}
if ( bills_bank_account>skyhigh && marriage>two_years )
{
divorce(woman_that_was_beautiful_when_I_married_her);
wave(dollars, at_lusty_chicks);
marry(young_blond_virgin);
devirginize(young_blond_virgin);
dump(young_blond_virgin_with_big_boobies);
if (there_is_another_company)
{
steal(their_ideas);
accuse(company, stealing_our_ideas);
hire(a_lot_of_lawyers); /* in process.h */
wait(until_other_company_cannot_afford_another_lawsuit);
buy_out(other_company);
}
}
/* Now everyone realizes that we sell bugware and they are all angry at
us */
order(plastic_surgeon, make_bill_look_like_poor_bastard);
buy(nice_little_island); hire(harem);
laugh_at(everyone,
for_having_the_patience_year_after_year_for_another_unfinished_version);
}
void bugfix(void)
{
charge (a_lot_of_money)
if (customer_says_he_does_not_want_to_pay_for_bugfix)
say("It is not a bugfix but a new version");
if (still_complaints)
{
ignore(customer);
register(customer, big_Bill_book);
/* We'll get him when everyone uses Billware!!*/
}
}
Subscribe to:
Posts (Atom)
