[iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-04-20 07:07:39

Return-Path: <sentto-279987-1142-987775661-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 20 Apr 2001 07:08:07 -0700 (PDT)
Received: (qmail 3760 invoked by uid 510); 20 Apr 2001 13:08:28 -0000
Received: from ml.egroups.com ( by with SMTP; 20 Apr 2001 13:08:28 -0000
X-eGroups-Return: sentto-279987-1142-987775661-fc=all.net@returns.onelist.com
Received: from [] by ml.egroups.com with NNFMP; 20 Apr 2001 14:07:42 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_1_2); 20 Apr 2001 14:07:41 -0000
Received: (qmail 72178 invoked from network); 20 Apr 2001 14:07:39 -0000
Received: from unknown ( by l10.egroups.com with QMQP; 20 Apr 2001 14:07:39 -0000
Received: from unknown (HELO all.net) ( by mta3 with SMTP; 20 Apr 2001 14:07:39 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id HAA19592 for iwar@onelist.com; Fri, 20 Apr 2001 07:07:39 -0700
Message-Id: <200104201407.HAA19592@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Fri, 20 Apr 2001 07:07:39 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

China renews crackdown on cyber-dissent Police have detained a veteran
Chinese activist who printed out pro-democracy material from a Web site
and an engineer whose home page carried a vehement denunciation of
communism, a human rights group said Thursday.  Police would not confirm
the report, but it came amid intensified efforts to block use of the
Internet to spread opposition to communist rule.  A teacher was
sentenced in March to two years in prison for criticizing the Communist
Party in an online discussion.  Veteran activist Chi Shouzhu was picked
up Wednesday shortly after printing online materials using a friend's
computer, said the Hong Kong-based Information Center for Human Rights
and Democracy.

Summit under cyber siege? The 20 mile long fence surrounding the site of
this weekend's Summit of the Americas and the 6,700 police officers on
hand to control protestors on the streets of Quebec City may succeed in
keeping demonstrators away from visiting heads of state, but they'll do
nothing to protect the Summit's most vulnerable targets.  THE HEAVY
SECURITY may be encouraging a far less predictable form of protest at
the three-day summit, one aimed at computer systems rather than
delegates.  As one Website thehacktivist.com is pointing out, The Mouse
is Mightier than the Baton.

Federally funded security group to sell warning data A taxpayer-funded
computer security group will sell its security warnings to corporations
-- a service that already comes free to government agencies.  Over 30
corporations have expressed interest in the service, provided by the
CERT Coordination Center at Carnegie Mellon University in Pittsburgh. 
``There are opportunities here to build on 13 years of experience in
this area,'' CERT spokesman Bill Pollak said Thursday.  ``That has been
limited by the fact that the large majority of funding comes from the

Exploit devastates WinNT/2K security An application called SMBRelay,
written by cDc's Sir Dystic, exploits a design flaw in the SMB (Server
Message Block) protocol on Win NT/2K boxes, easily enabling an attacker
to interpose himself between the client and the server.  The program
enables access to the server using the client's authentication by acting
as a 'man in the middle' to both.  For this reason it's quite difficult
to defend against, unless a user blocks port 139 -- which is needed for
NetBIOS sessions and therefore not practical for networked boxes -- or
by using NTLMv2 which employs 128bit encrypted keys and eliminates
LANMAN (NT LAN Manager, or NTLM) hashes for NT clients. 

IDC: Security software to total billions by 2004 Two reports from market
research firm International Data Corp.  (IDC) this week forecast that
two different sectors of the market for corporate network security
products will top $1 billion by 2004.  Intrusion detection and
vulnerability assessment products will break through the
$1-billion-a-year revenue mark by 2003, according to a report released
Wednesday by IDC, while the three A's - authentication, authorization,
and administration -- will top $7.7 billion by 2004, according to a
study published Monday. 

------------------------ Yahoo! Groups Sponsor ---------------------~-~>
Secure your servers with 128-bit SSL encryption!
Grab your copy of VeriSign's FREE Guide,
"Securing Your Web site for Business." Get it now!


Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:08 PDT