Return-Path: <sentto-279987-1401-994453760-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 06 Jul 2001 14:10:09 -0700 (PDT) Received: (qmail 13265 invoked by uid 510); 6 Jul 2001 20:11:20 -0000 Received: from ei.egroups.com (64.211.240.237) by 204.181.12.215 with SMTP; 6 Jul 2001 20:11:20 -0000 X-eGroups-Return: sentto-279987-1401-994453760-fc=all.net@returns.onelist.com Received: from [10.1.4.54] by ei.egroups.com with NNFMP; 06 Jul 2001 21:09:20 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_2_0); 6 Jul 2001 21:09:20 -0000 Received: (qmail 26844 invoked from network); 6 Jul 2001 21:09:19 -0000 Received: from unknown (10.1.10.26) by l8.egroups.com with QMQP; 6 Jul 2001 21:09:19 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta1 with SMTP; 6 Jul 2001 21:09:19 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id OAA25117 for iwar@onelist.com; Fri, 6 Jul 2001 14:09:18 -0700 Message-Id: <200107062109.OAA25117@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 6 Jul 2001 14:09:18 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] news Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit EXCERPT:Taiwan media have disclosed the existence of four major Chinese intelligence organizations involved in operations against Taiwan, namely, the Liaison Department of the General Political Department, and the Taiwan Bureau of theMinistry of State Security. The 2d and the 3d Departments of the PLA General Staff Headquarters are also involved in intelligence operations againstTaiwan. The Liaison Department of thePLA General Political Department is an independent counterintelligence organization. It was formerly known asthe Hostile Covert Operations Department (STC 2420 1562 6752). In addition to its four known branches, ithas secret branches in Shanghai and Guangzhou, which conduct covert military operations against Taiwan. Reportedly,the Shanghai Branch maintains detailed files on colonels and generals of theTaiwan military, listing their date of birth, native place, educational background,and personal data, updated every 15 days. The Taiwan Bureau, Ministry of StateSecurity, collects information on Taiwan. Every morning at ten, the bureau produces a digest of political,economic, military, civil, and social information and trends, based on Taiwanmedia sources. At 1530 hours everyday,the bureau also produces an inside information report dealing with political,military, and economic matters. In addition to the Taiwan Bureau, the Ministryof State Security has the Training Bureau. It has three academic organizations, namely, the Institute ofInternational Relations, the Institute of International Politics, and theInstitute of Contemporary International Relations. The bureau annually recruits college students in Beijing and issuesa periodical bContemporary International Relationsb. Source: China Com Military News http://Military.China.Com/Zh_Cn/News/568/20010702/196374.Html ========================================================================== Internet Security Systems Security Advisory July 5, 2001 Remote Buffer Overflow in Multiple RADIUS Implementations Synopsis: ISS X-Force has discovered buffer overflow vulnerabilities in two popular Remote Authentication Dial-In User Server (RADIUS) implementations. RADIUS was originally designed to manage user authentication into dial-up terminal servers and similar devices. It has since been used as a standard for access control and user authentication for numerous Internet infrastructure devices, including routers, switches, and 802.11 Wireless Access Points. Impact: RADIUS is typically implemented as a "secure" access-control solution for critical network components. RADIUS is also implemented as a supplement to weak security measures provided in 802.11b specifications. The vulnerabilities described in this advisory may allow attackers to launch Denial of Service (DoS) attacks against critical network components, bypass 802.11 WLAN access control, or compromise and control protected network resources. Affected Versions: Merit 3.6b RADIUS Lucent 2.1-2 RADIUS ========================================================================== We would like to inform you that an organisation for local information security profesional has been established recently. Professional Information Security Association (PISA) is a non-profit making and independent organization for local information security professionals registed in Hong Kong. PISA focuses on developing local information security market with a global presence in the information security industry. PISA welcomes information security professional to join. Please visit http://www.pisa.org.hk for more information. ========================================================================== 'Secure' U.S. Site Wasn't Very By Declan McCullagh 2:00 a.m. July 6, 2001 PDT WASHINGTON -- A U.S. government website devoted to helping businesses keep sensitive information private instead revealed confidential information about American firms. A Commerce Department privacy website exposed proprietary information -- such as revenue, number of employees, and the European countries with which the firm does business -- that U.S. companies provided to the government in strict confidence. This information has been publicly accessible since the site went online last year. ... ========================================================================== Our PIX has detected an IP spoof from 255.255.255.255 to one of our servers. Research here on securityfocus reveals that some attackers have used this technique with a destination port 515 (LPR) and source 31337 (eleet) in scanning attempts. You can read about this at on the firewalls list at http://www.securityfocus.com/archive/19/187958 ========================================================================== Fwd: Teenage hacker sending Viagra to Bill Gates escapes prison sentence I used to work for Bob Dole, so found this Viagra post re Bill Gates interesting. This was sent to me from a 'News Bot' that I subscribe to, "Ananova". Ananova is an Avatar that will read the news to you over the Net as well. ========================================================================== By Gerry J. Gilmore American Forces Press Service ARLINGTON, Va., July 6, 2001 - The precedent-setting Navy- Marine Corps Intranet will harness the latest information security technologies and practices to ward off computer hackers seeking to compromise the system, DoD officials say.... ========================================================================== Welcome, you've got fraud Internet scammers victimize AOL users with bogus billing e-mails Tony Bridges Knight Ridder Newspapers The Charleston Gazette July 04, 2001, Wednesday Copyright 2001 Charleston Newspapers If you're an America Online user, chances are, you've got mail and a thief is trying to use it to steal your identity. It's called the AOL billing scam, an e-mail con that prompts AOL customers to update personal account information, including credit card and Social Security numbers. But the information doesn't go to the popular Internet service provider. Instead, it winds up in the hands of hackers. Those who fall for the scam can face huge credit card bills, years of credit nightmares and possibly even computer viruses that turn their home PCs into a hacker's plaything. Cops say the thieves are hard to stop and nearly impossible to catch. And the word from AOL: they can't stop it either. It's up to customers to be skeptical and remember that AOL staffers never ask for passwords or billing information. "I didn't know your life could be intruded upon on the computer," said victim Cathy Rusnak, who spent months battling phony credit card charges after being taken by the scam. "It's just a massive web. You get sucked in further and further." ========================================================================== ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:36 PDT