« June 2001 | Main | August 2001 »

July 2001 Archives

July 2, 2001

Honeynet news

The guys from Project Honeynet have posted the results of last month's Scan of the Month (a nice decryption challenge), and a new Scan of the Month. As Jeff Stutzman writes for the Project, "this month's challenge is to analyze a months worth of firewall and IDS data collected by a Honeynet".

July 3, 2001

Building the web of trust with GPG.

Do you still remember PGP 2? When you added a key or changed trust parameters, it would automatically detect that some keys got certified, and would ask you whether you considered these keys' holders trustworthy. GnuPG is lacking this feature: You'll have to use the key editing menu in order to adjust trust levels of any keys for which you consider this appropriate. Of course, this is cumbersome - in particular when you add keys to your key ring routinely, and keeping track of trust levels is not an option.

This script may help you to assign trust levels: It will look for keys on your keyring which carry well-certified user IDs, but haven't had any owner trust level assigned to them. It will then run gpg --edit over all these keys and allow you to nicely adjust trust levels.

July 8, 2001

Updated PGP keyring analysis posted.

M. Drew Streib has posted an updated PGP key ring analysis. This version only takes signatures on self-signed user IDs into account, and it offers extended information on where individual keys sit within the web of trust.

July 13, 2001

ALSC discussion paper #1

The ALSC has made available its Dicussion Paper #1. You can download an e-book version for PalmReader here.

July 24, 2001

PGP/MIME: Eudora vs. Mutt

As was reported in comp.mail.mutt, there's an interoperability problem between mutt and Eudora when it comes to PGP/MIME encrypted messages. Apparently, Eudora expects that the first MIME header within the encryption envelope contains a MIME-Version: 1.0 field. This is a bug. For details, read the Usenetr thread.

July 25, 2001

ICANN and new.net exchange letters.

There was an exchange of letters between ICANN and New.net.

new.net to ICANN / ICANN to new.net

Know Your Enemy: Statistics

Lance Spitzner of the Honeynet Project writes: The Honeynet Project is excited to announce the release of a new paper, "Know Your Enemy: Statistics". The paper is based on eleven months of data we have collected, and covers two areas.

1. Aggressiveness. We show a variety of statistics, based on eleven months of Honeynet data, that demonstrate just how aggressive the blackhat community can be. Even more revealing is it appears the threat is getting worse.

2. Early Warning and Prediction. We present proof of concept that attacks can be predicted. The research is still preliminary, but based on statistical analysis, 7 out of 8 attacks could be predicted last year. Two different team members took two different statistical approaches, yet they findings were almost identical. Most of the attacks made against the Honeynet could be predicted two to three days in advance.

As this research is part of the Honeynet Project, all eleven months of data are also publicly released for review and further analysis.

mutt-1.3.20 is available since yesterday.

Mutt-1.3.20 is available since yesterday. This is the latest development version. Download: patch / full source.

Code Red analysis

An extensive analysis of the Code Red Worm is available here. Includes animations.

ICANN: Articles of Incorporation and Bylaws for PalmReader

You can download e-book versions of ICANN's articles of incorporation and bylaws. In order to use them, you need PalmReader.

July 27, 2001

GPG: local signatures may be exportable

When you sign a (public key, user ID) couple using a V3 RSA key, gnupg will create a V3 signature. This includes the case of local signatures. Bad enough, there is no such concept as a local V3 signature, which implies that using "lsign" with a V3 RSA key is equivalent to "sign", and produces an exportable(!) signature.

This, in turn, can lead to considerable embarrassment (and loss of reputation) of the signer, and to bad judgement by others who rely on such signatures.

This patch fixes this problem by adding a minimum version parameter to make_keysig_packet(), and makes sure that local signatures are always at least V4.

July 31, 2001

Wau Holland died on 2001-07-29.

Wau Holland is dead. Obituaries: Lutz Donnerhacke, published at Spiegel Online / Chaos Computer Club.

About July 2001

This page contains all entries posted to No Such Weblog in July 2001. They are listed from oldest to newest.

June 2001 is the previous archive.

August 2001 is the next archive.

Many more can be found on the main index page or by looking through the archives.

Creative Commons License
This weblog is licensed under a Creative Commons License.
Powered by
Movable Type 3.35