No Such Weblog

On August 31, the NGO & Academic ICANN Study project has published its final report. They propose models for user participation in ICANN which are somewhat different from the ALSC's ideas.

Lance Spitzner of the Honeynet Project writes: The Honenet Project is excited to announce the results to July/August's Scan of the Month. The challenge was to analyze one month's worth of firewall and IDS logs captured in the wild. We have also released September's Scan of the Month. This month's challenge is to analyze a Snort binary capture and determine the attacker's tactics.

It seems someone from the netherlands has found a new bug in PGP. Apparently, details are to appear later today here.

Sieuwert van Otterloo has published A Security Analysis of Pretty Good Privacy. The paper includes a (new) "Multiple user ID attack". NAI has an advisory about this.

For a good summary on nimda, see this page at incidents.org. Also, according to a message to the incidents and focus-virus mailing lists at SecurityFocus, a disassembly of the beast is under way.

In a message to incidents, Barislav Kucan points to another collection of Nimda news at his site.

According to messages to the bugtraq and incidents lists, Nimda-generated Javascript code was available earlier tonight at http://www.microsoft.com/frontpage/.

• Another description
• Microsoft on the Javascript code seen on their web site.

The folks at project honeynet have published the results of their scan of the month for September 2001.