(A Javascript-enabled browser is required to email me.)
TBTF logo


About this Web log. | Link using this permanent URL.

Previous weeks' logs table of contents.

Friday, 1999-11-19

Thursday, 1999-11-18

  • German high court overturns Net censorship verdict, and Australia cheers. (published in TBTF)
  • . 1:32:34 pm
  • A new way to probe a network. 8:54:47 am
Wednesday, 1999-11-17

Tuesday, 1999-11-16 [ missing ]

Sunday, 1999-11-14 [ missing ]

Friday, November 19, 1999

11/19/99 8:34:44 pm

Thursday, November 18, 1999

11/18/99 1:32:34 pm

11/18/99 8:54:47 am

  • A new way to probe a network. The SANS Institute (a non-profit organization of system and network administrators) has issued an advisory, and a request for assistance, on a new form of network probe. Within the last week admins have been reporting unrequested ICMP echo replies -- that is, ping echo replies on their networks for which there were no corresponding echo requests. This technique could function as a stealthy network mapping scan: when a probe arrives for a host that doesn't exist, an internal router will reply with an "unreachable" message. By finding all the unreachable hosts, an attacker would be able to enumerate the hosts that do exist, in order to target them for later, loving attention.

    The SANS Institute issued this request for help in profiling this new intrusion threat.

    If your site has instrumentation and can detect echo replies for which there are no echo requests, please sanitize your internal addresses and send the trace here. If we receive enough information to write a report, the latest information will be posted on the SANS web site.

    Thanks to TBTF Irregular Mark Gibbs for the forward.

Wednesday, November 17, 1999

11/17/99 1:54:44 pm

  • Threads Microsoft security bugs and exploits
    See also TBTF for
    1999-08-30, 1998-02-02, 01-26, 01-19, 1997-11-17, 11-10, 10-20, 08-11, 06-23, 05-22, 05-08, more...
    Do not entrust a password to Windows CE. Bill Gates pushed Windows CE at Comdex, but it's beginning to look like Palm OS has won and WinCE is destined for the ash-heap of history. In recent weeks both Philips Electronics and South Korea's LG Electronics have pulled their Windows CE-based handhelds from the market -- they just weren't selling. And at Comdex, Everex announced that it too will abandon its non-starter line of WinCE-based portables. The biggest blow so far, though, was Sony's choice of the PalmOS over WinCE for its yet-to-be-developed line of consumer portable gadgets.

    In his CRYPTO-GRAM newsletter (see TBTF Sources), Bruce Schneier broke news of yet more trouble for WinCE. Seems its developers, out of laziness or time pressure, have ripped a massive hole in the security of any Windows NT password stored on a WinCE device. Let Schneier describe it:

    Microsoft encrypts your Windows NT password when stored on a Windows CE device. But if you look carefully at their encryption algorithm, they simply XOR the password with "susageP", Pegasus spelled backwards. Pegasus is the code name of Windows CE. This is so pathetic it's staggering.

    Here is Jeff Zamora of CEGadgets.com describing how he discovered this dizzying implementation blunder. WinCE? Whoever wrote that code ought to cringe and shrivel.

    (Though I read Schneier's newsletter when it arrived -- I don't dare do otherwise -- Alan Wexelblat's prodding was what made this item happen.)

Tuesday, November 16, 1999

11/16/99 2:51:22 pm
  • Two new activist sites.

    [ Lost this article in a system crash; may be recoverable from backup. Sysadmin says "Don't hold your breath." ]

Sunday, November 14, 1999

11/14/99 3:42:43 pm

About this Web log

This venue represents an experiment in more timely and less "cooked" TBTF news coverage. You'll read here things that came through my desktop machine mere minutes before. The TBTF Log replaces the Tasty Bit of the Day feature.

The week's TBTF Log entries will be mailed to TBTF subscribers on Sunday evenings.

The email and Web editions of Tasty Bits from the Technology Front represent my best effort to present engaging, cogent news and analysis on what matters to the life of the Net. TBTF will continue as before, but on a schedule closer to twice-monthly than to weekly.


Powered by Blogger

Copyright 1994-2023 by Keith Dawson. Commercial use prohibited. May be excerpted, mailed, posted, or linked for non-commercial purposes.

Most recently updated 1999-12-16