[iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-04-10 06:21:08

Return-Path: <sentto-279987-1123-986908871-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 10 Apr 2001 06:22:07 -0700 (PDT)
Received: (qmail 20984 invoked by uid 510); 10 Apr 2001 12:22:13 -0000
Received: from ho.egroups.com ( by with SMTP; 10 Apr 2001 12:22:13 -0000
X-eGroups-Return: sentto-279987-1123-986908871-fc=all.net@returns.onelist.com
Received: from [] by ho.egroups.com with NNFMP; 10 Apr 2001 13:21:11 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_1_1); 10 Apr 2001 13:21:09 -0000
Received: (qmail 97124 invoked from network); 10 Apr 2001 13:21:09 -0000
Received: from unknown ( by l10.egroups.com with QMQP; 10 Apr 2001 13:21:09 -0000
Received: from unknown (HELO all.net) ( by mta3 with SMTP; 10 Apr 2001 14:22:13 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id GAA20028 for iwar@onelist.com; Tue, 10 Apr 2001 06:21:08 -0700
Message-Id: <200104101321.GAA20028@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Tue, 10 Apr 2001 06:21:08 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Palestinian guilty in email death-trap case

A Palestinian woman has been found guilty in a remarkable case that
illustrates the increasing use of the Internet in political struggles. 
A Palestinian woman was found guilty on Sunday for the voluntary
manslaughter of a 16-year-old Israeli schoolboy that she met on the
Internet.  The plot was part of an online strategy to publicise the
Palestinian cause.  Ophir Rahum, a 16-year-old computer enthusiast met
24-year-old "Sally", a "Moroccan Jew", in an Internet chatroom in
October.  After exchanging affectionate emails for three months, the
Jewish boy was lured from his home near Tel Aviv into meeting the woman
for sex.  "Sally" was not Jewish, but in fact a Palestinian
photographer, Mona Amna, who had set out to entice an Israeli boy to the
West Bank, in order to revenge the murders of Palestinian militants
during the intifada, or uprising. 

Hackers turn racist in attack on hardware site PC motherboard specialist
PC Chips has fallen victim to defacement in an attack that shows that
hackers can be unthinking racists.  The home page of the site, which
runs Apache on a Red Hat Linux server, was replaced by a message from
the 1i0n Crew, which contained in its headline the racist remark " Kill
all the Japanese!", the defacement can be seen here.  The name of the
hacking crew is associated with a Linux worm, called Lion, that attacks
BIND servers and installs DDoS tools, and which poses a serious current
risk to Web site administrators.  Paul Rogers, network security analyst
at MIS Corporate Defence, said from the evidence on defacement archives
it was likely that PC Chips, which is hosted in Hong Kong, had been hit
with a variant of the Lion worm. 

Federal Systems Increasingly Falling Prey to Hackers Officials testify
before Congress about risks of root privilege compromises Hackers are
becoming more and more successful in gaining root-privilege control of
government computer systems containing sensitive information, said
federal officials who testified last week before a U.S.  House
subcommittee.  The officials said computers at many agencies are riddled
with security weaknesses and that little is being done to change that. 
When an attacker gets root privileges to a server, he essentially has
the power to do anything a systems administrator could do, from copying
files to installing software such as sniffer programs that can monitor
the activities of end users.  And intruders are increasingly doing just
that, the officials told the House Subcommittee on Oversight and
Investigation.  "The increase in the number of root compromises,
denial-of-service attacks, network reconnaissance activities,
destructive viruses and malicious code, coupled with the advances in
attack sophistication, pose a measurable threat to government systems, "
said Sallie McDonald, an assistant commissioner at the General Services
Administration (GSA). 

German Threat Raises Infowar Fear The Germans are planning an attack. 
At least, that's the threat that Interior Minister Otto Schily has made,
vowing the German government may resort to denial-of-service attacks as
a way to shut down U.S.  and other foreign websites that help German
neo-Nazis.  Condemnation of the plan was immediate.  But as of Monday
afternoon in Germany, Schily's office had reported no backtracking from
his statement, which has been the focus of recent media attention in
Germany.  "If I said something like this in public as a speaker of the
Chaos Computer Club, I could count the minutes before I had an
investigation against me," said Andy Mueller-Maguhn, a leader of
Berlin's famed CCC hacker group -- and also Europe's representative on
the ICANN board.  "It might be that Mr.  Schily does not know anything
about infowar, but I know a lot of countries see attacks coming at their
computers from other countries as an act of war.  If even one country in
the world were to start acting like this, it could lead to an open
infowar that no one could win."

Spies like us online "You can hope that your staff are only surfing the
Net for business use...or you can ensure it." That's the rather ominous
marketing pitch from SurfControl, one of the leading purveyors of
Web-filtering software for businesses.  The SurfWatch system--and
similar products from Elron Software, Websense and others--can monitor
and log each Web site network users visit.  They're able to block access
to specific sites a company deems inappropriate, as well as to
predefined site categories.  They provide sophisticated data-reporting
tools that can red-flag individuals who are visiting an unusual number
of nonbusiness-related Web sites.  Sound creepy? It's maybe even
creepier once you realize that surveillance of employees' Internet
activity is surprisingly common.  According to the American Management
Association, 54 percent of the 2,100 companies it surveyed last year
said they monitor Internet usage in some way. 

Security staff face licensing IT security staff may require a government
licence in future to do their work, Home Office minister Charles Clarke
has warned.  Clarke last week refused to concede IT consultants should
be exempt from the government-backed Private Security Industry (PSI)
Bill, which was originally intended to cover bouncers and
wheel-clampers.  Now at committee stage in the House of Commons, the
bill covers anyone advising on "security precautions in relation to any
risk to property".  Tim Conway, policy director at IT trade body the
CSSA, said the CSSA had objected to the bill because the government had
not consulted representatives of all the sectors affected, as required. 

------------------------ Yahoo! Groups Sponsor ---------------------~-~>
Do you have 128-bit SSL encryption server security?
Get VeriSign's FREE Guide, "Securing Your
Web Site for Business." Get it now!


Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:07 PDT