For your convenience in reading: Subject lines are printed in RED and
Moderator replies when issued appear in BROWN.
Previous Issue (just one)
TD Extra News
Add this Digest to your personal
or 
For your convenience in reading: Subject lines are printed in RED and
Moderator replies when issued appear in BROWN.
Previous Issue (just one)
TD Extra News
Add this Digest to your personal
or
TELECOM Digest Thu, 18 Aug 2005 18:25:00 EDT Volume 24 : Issue 374
Inside This Issue: Editor: Patrick A. Townson
Child Porn Growing on Web; Internet Exploitation Prompting Action (Scherer)
Web Inventer, McCartney Sisters Win Awards in Germany (Reuters News Wire)
Yahoo Sticks to its $5 Music Service (Michele Gershberg)
Web Map Tracks Demand for News (Eric Auchard)
Journalism's Fear and Loathing of Blogs (Dante Chinni)
Book Review: "Honeypots for Windows", Roger A. Grimes (Rob Slade)
SBC Picks Motorola, S-A For Set-Tops (USTelecom dailyLead)
More on Verizon FioS Requirements (Lee Sweet)
4-Wire Echo Suppression Conference Calls (WU Tech Review) (Lisa Hancock)
AP Article "New N.Y. Law Targets Hidden Net Tolls" (Carl Moore)
Re: Online Scammers Pose as Company Executives in 'Spear-Phishing' (mc)
Re: Broadband Competition Must Surely be Working (Lisa Hancock)
Re: Broadband Competition Must Surely be Working (Matt Simpson)
Re: Not so Fast! 'xxx' Startup Put on Hold (DevilsPGD)
Re: Not so Fast! 'xxx' Startup Put on Hold (Mark Crispin)
Telecom and VOIP (Voice over Internet Protocol) Digest for the
Internet. All contents here are copyrighted by Patrick Townson and
the individual writers/correspondents. Articles may be used in other
journals or newsgroups, provided the writer's name and the Digest are
included in the fair use quote. By using -any name or email address-
included herein for -any- reason other than responding to an article
herein, you agree to pay a hundred dollars to the recipients of the
email.
===========================
Addresses herein are not to be added to any mailing list, nor to be
sold or given away without explicit written consent. Chain letters,
viruses, porn, spam, and miscellaneous junk are definitely unwelcome.
We must fight spam for the same reason we fight crime: not because we
are naive enough to believe that we will ever stamp it out, but because
we do not want the kind of world that results when no one stands
against crime. Geoffrey Welsh
===========================
See the bottom of this issue for subscription and archive details
and the name of our lawyer; other stuff of interest.
----------------------------------------------------------------------
From: Ron Scherer <csm@telecom-digest.org>
Subject: Child Porn Rising on Web; Internet Exploitation Prompting Action
Date: Thu, 18 Aug 2005 01:47:33 -0500
http://www.csmonitor.com/2005/0818/p01s01-stct.html
By Ron Scherer | Staff writer of The Christian Science Monitor
NEW YORK - Despite highly publicized arrests, law-enforcement
officials say that the sexual exploitation of children on the Internet
is growing dramatically. The more that get arrested, the more there
are out there ...
Over the past four years, the number of reports of child pornography
sites to the National Center for Missing & Exploited Children (NCMEC)
has grown by almost 400 percent. Law-enforcement officials are
particularly disturbed by the increased number of commercial sites
that offer photos of exploited children in return for a credit-card
number. Those fighting child porn say it has become a global
multibillion-dollar industry.
"We are encountering staggering proportions of violators or offenders
we would have never imagined years ago," says Ray Smith, who oversees
child exploitation investigations by the United States Postal
Inspection Service. "It is an exploding problem worldwide, and
particularly in the US," adds Ernie Allen, president of NCMEC.
Efforts to stem the upsurge are taking place on multiple fronts.
At the G-8 summit in Scotland last month, officials said that Interpol,
an international police organization, is putting together a global
database of offenders and victims. And this week, 3,000 law-enforcement
officials from around the US are meeting in Dallas to discuss ways to
attack Internet crimes against children.
On the state level, New Jersey and Florida are among those enacting
requirements for sexual predators to wear GPS devices that keep track
of their whereabouts.
One of the biggest pushes against the purveyors is aimed at shutting
down the use of credit cards. NCMEC is currently talking to MasterCard
about making it even harder to subscribe to the commercial sites.
"We're trying to mobilize the financial industry to choke off the
money," says Mr. Allen.
At MasterCard, spokeswoman Sharon Gamsin says her organization is
"appalled people are using our systems for illegal transactions
involving child pornography, and finding a way to stop this is a
priority."
Two years ago, Visa International began a program to try to identify
child porn sites allowing transactions with its credit cards. It
hired a firm that used retired federal agents to go through the
Internet searching for sites, and it says it's still searching the Web
for illicit sites today.
Good marks for effort
Officials generally give the credit-card companies good marks for
their efforts. "The financial industry is made up of real people with
children, and they want this thing ended for society, too," says Mr.
Smith, who has been fighting the illegal merchandise since 1982.
To try to help credit-card companies and law-enforcement officials
identify websites, NCMEC has hired a consultant to search online for
illicit sites. "We provide the information first to law enforcement
and then do reviews to see if they follow up," he says. "Otherwise, we
send a cease-and-desist order to the method-of-payment services [such
as a credit-card company] and try to engage banks and regulators."
Allen notes that he recently met with Asian bankers to seek
cooperation.
Shutting off the money flow could help, agree officials. Jim Plitt,
director of the US Immigration and Customs Enforcement (ICE) Cyber
Crime Center, believes that the growth of the child porn industry is
part of what he terms the "illegal business cycle" -- where groups
watching the huge profits decide to join in.
"The emphasis is on the money. That's where you focus," says Mr.
Plitt, who adds, "more cases are coming."
When law-enforcement officials have cracked the organizations, they
often find that the organizations have many illegal websites that are
collecting money. That was the case with Regpay, a company in Minsk,
Belarus, which provided credit-card billing services for 50 child porn
websites worldwide.
Indeed, the groups are often international in scope. The Regpay
investigation resulted in the initial arrests of 35 people in the
United States, France, and Spain. "The actual businesses themselves
are not necessarily large, but they have a large membership pool,"
says Plitt.
When Regpay was broken up two years ago, it had 270,000 subscribers --
4,000 in New Jersey alone. Recently, in fact, 11 more individual
subscribers were arrested in New Jersey, and more arrests are on the
way, say officials.
Because the membership pool was so large, law-enforcement officials
have broken the prosecutions down into two phases. The first phase was
to dismantle the financial apparatus, including businesses in Florida
and California that processed US credit-card transactions. The second
phase, which is ongoing, is to arrest individuals who subscribed to
the sites.
'Prioritized' arrests
"They are prioritized, so we are targeting individuals with access to
children, people of trust in the community, and the most egregious
subscribers who had lots of transactions," says Jamie Zuieback, a
spokeswoman for ICE. "What you'll see in the cases made are
schoolteachers, pediatricians, a campus minister, a Boy Scout leader,
and other individuals in those types of positions."
ICE is now arresting individuals who subscribed to the sites
multiple times.
Although the arrests themselves get the word out to the pedophile
community, some law-enforcement officials are optimistic that technology
may ultimately help them stem the tide. "I think there will come a time
in the not-too-distant future where, working with the [Internet service
provider] community and the financial community, they will be able to
package information and put it into computers that will not allow people
to subscribe to these sites," says Smith.
However, he adds, "We have First Amendment issues so we can't completely
shut down all pornographic sites."
Steps to keep kids safe
. As always, make communication a priority. "One of the main
tips is listening to your kids. Pay attention if they tell you they
don't want to go somewhere or see someone," Ms. Schwartz says.
. Let kids know that they can say no. "They have the right to
say no to any uncomfortable advances or touches. Kids are taught to be
respectful of their elders, and child predators prey on that."
. As far as computers go, be aware of technology, trends, and
especially a child's online activity. "Parents [are perceived as not
being] up to speed with the technology. It's a great conversation
starter to say, 'OK, what websites are you looking at? How do I create
an [instant messaging] account?' " That can be a subtle way to monitor
a child.
. Caution children in giving out information. "Predators ask for
phone numbers or personal information, and eventually they want to
escalate it to a phone call. People don't realize how little
information is needed today in order to find someone."
. Be attuned to any changes in behavior. "What if she was just
acting different and spending hours and hours online -- if you come up
to her and she quickly minimized the screen?"
. Suspicious websites or other activities can be reported to
www.cybertipline.com or 800-843-5678.
- Adam Karlin
Copyright 2005 The Christian Science Monitor.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. To read the Christian Science Monitor on line each day
with no registration nor login requirements please go to:
http://telecom-digest.org/td-extra/nytimes.html and review the far
right hand column (upper part of page).
Also see articles 'Not so Fast; xxx Startup Put on Hold' elsewhere in
this issue of the Digest.
------------------------------
From: Erik Kirschbaum <reuters@telecom-digest.org>
Subject: Web Inventer, McCartney Sisters Win German Awards
Date: Thu, 18 Aug 2005 10:37:34 -0500
By Erik Kirschbaum
Britain's Tim Berners-Lee, who invented the World Wide Web and then
gave it away, will receive Germany's national Quadriga award on the
country's 15th annual Unification Day on October 3, organizers said on
Thursday.
Also receiving a Quadriga award for courage and vision will be six
Northern Irish women who challenged the Irish Republican Army over the
murder of a Catholic man, Robert McCartney, in Belfast in January.
McCartney's five sisters and fiance will receive the award for their
tireless campaign against IRA violence, organizers said. Last month,
the IRA pledged to end its armed campaign against British rule in
Northern Ireland.
Berners-Lee created the World Wide Web in 1990 while at the European
Particle Physics Laboratory in Geneva to let his fellow scientists
work together even when in other parts of the world.
But instead of patenting it and reaping a fortune, he chose to put it
onto the Internet a year later, opening access to everyone. Quadriga
organizers hailed Berners-Lee as the most important scientist of the
20th century after Albert Einstein.
"Berners-Lee elected not to patent the World Wide Web for commercial
reasons or his own personal profit but gave it away for all of us,"
said Klaus Riebschlaeger, chairman of the organising committee. "Free
and available to all humanity, it became the network for knowledge
linking the world."
The Web made modern-day surfing possible and transformed the Internet
from a domain for scientists and academics into the fastest growing
mass medium of all time.
Before the Web was developed, electronic files stored on the Internet
were exceedingly difficult to find and pages could only be located
using an address -- often a vast string of numbers.
The Quadriga national awards for courage, vision and responsibility
were inspired by ex U.S. President Bill Clinton on a visit to Berlin
in 2002. They are presented each year in four categories: political,
economic, social and cultural.
Other winners of the 25,000 euro prize this year include former German
Chancellor Helmut Kohl for his achievements in reuniting Germany in
1990; and the Aga Khan, billionaire spiritual leader of the world's 15
million Ismaili Muslims, for his charitable institution the Aga Khan
Development Network.
Previous winners include Afghan President Hamid Karzai (2004) and
British architect Norman Foster (2003).
Copyright 2005 Reuters Limited.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily.
------------------------------
From: Michele Gershberg <reuters@telecom-digest.org>
Subject: Yahoo Sticks to $5 Music Service
Date: Thu, 18 Aug 2005 11:05:14 -0500
By Michele Gershberg
Whether you prefer hard rockers or accordion-pumping folk singers,
Yahoo Inc. will stick with an aggressively low $5 monthly fee in the
first major marketing push for its online music service.
After an introductory roll-out in May, Yahoo on Thursday said it would
keep its music download subscription priced well below those of
competitors, such as RealNetworks Inc.'s Rhapsody and Napster Inc., in
an effort to become "the standard online music service."
Yahoo Music Unlimited offers more than 1 million songs, allowing
listeners to move tracks to portable music players and share them with
other subscribers on its messenger platform.
Trial subscriptions were launched at $4.99 per month for an annual
commitment, or $6.99 on a monthly basis, and analysts had wondered
whether Yahoo would raise the price with its full-scale launch.
Yahoo Inc. Chief Marketing Officer Cammie Dunaway said the music
service had so far attracted subscribers through public relations
efforts and word of mouth. The new Yahoo Music campaign will be the
online media company's most aggressive push this year, she said.
"It's exciting to see what happens now that we really start marketing
it," Dunaway told Reuters. "We're certainly looking to expand the
subscription (music) market and think that this pricing is one great
way to do it."
Pixellated characters representing rock band Green Day and rapper
Missy Elliott bounce and bop in the Yahoo Music online ads, with
viewers able to move the "Mini-Pop" stars onscreen. The ads were
created by agencies Soho Square and OgilvyOne, San Francisco.
The campaign debuts on August 28 during the MTV Video Music Awards
with the tagline "Over A Million Songs - 5 Bucks A Month - This Is
Huge." One television commercial shows an animated spaceship beaming
up favorite musicians, then pulverizing a lederhosen-clad accordion
player.
Commercials will air on MTV and Comedy Central. Yahoo has also planned
ads in a new video game from Midway Games Inc., and other
nontraditional campaign efforts.
PRICE PRESSURE
Yahoo's price strategy could heap more pressure on music download
rivals. Napster and Rhapsody provide subscribers unlimited streams on
demand and other features for about $10 a month, or about $15 with
portability.
"There will probably be room for some price differences, but if Yahoo
stays at a lower price, coupled with its broad marketing reach, it
would be tough for the other guys," said Christopher Rowen of Suntrust
Robinson Humphrey.
Rowen rates Napster shares at "buy" and Real Networks at "neutral."
Both companies' shares tumbled after Yahoo introduced its music
service in May, as did the stock of online music leader Apple Computer
Inc..
Napster has an estimated 400,000 subscribers to its service, while
Real Networks has nearly 1.2 million for Rhapsody. Yahoo would not
disclose subscriber numbers.
Rowen said online music subscription had yet to boom as listeners are
focused on copying their own music collections to portable devices,
but he noted it would take off once they look to music downloads as
their primary source for fresh songs.
"Five years down the road, subscription will be the dominant model,"
he said.
Copyright 2005 Reuters Limited.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily.
------------------------------
From: Eric Auchard <aychard@telecom-digest.org>
Subject: What's Next? Web Map Tracks Demand for Major News
Date: Thu, 18 Aug 2005 11:08:16 -0500
By Eric Auchard
It's debatable how big a deal any specific news event is compared to
all the other human mayhem that occurs each day. Journalists, editors,
historians and the guy at the end of the bar could probably never
agree.
A news mapping service introduced on Thursday by Akamai Technologies
Inc. promises to give unprecedented insight into the relative hunger
that millions of Internet users have to learn of breaking events
minute-by-minute.
Akamai, which helps speed delivery of 15 percent of the world's
Internet traffic over its network, is looking to count the sum of page
requests across 100 major news sites it serves to rank interest in
major events on a scale never seen before.
The Akamai Net News Index provides a map of six global regions and
measures the current appetite for news relative to average daily
demand in terms of millions of visitors to news sites per minute, per
week, within each geographic region.
Spikes in traffic can reveal the next wave of news demand.
"You have never really been able to look at big news events in this
way," Akamai Chief Executive Paul Sagan said in a phone
interview. "When you can get down to the minute of a day and correlate
spikes in news site traffic, you can really begin to see what was
going on at that moment," he said.
This aggregate news site data -- the company stresses that it does not
track individual surfing habits -- is now available publicly on the
Web at http://www.akamai.com/en/html/industry/net_usage_index.html/
In two-and-a-half months of testing before the index introduction,
Akamai found the biggest Internet news events were the London bombings
on July 7, Hurricane Emily July 15, the combined effects of the Space
Shuttle launch and monsoon in India on July 26. The fourth most
popular recent Web news event was the June 13 Michael Jackson verdict,
Akamai data showed.
Sagan says his Cambridge, Massachusetts-based company plans to make
the data available to its customers and members of the public to see
what ways they put the information to work.
The news index is in the spirit of the Internet Archive's WayBack
Machine, which provides snapshots of vast reaches of the Web in order
to preserve online history, or the various Internet Weather Reports,
which give Web surfers a glimpse of how essential networks on the
Internet are functioning.
IN A PLACE TO KNOW
Because its computers serve up billions of pages of news to Internet
readers each day, Akamai is in the unique position of being able to
track news consumption on a global scale.
Akamai believes it is in a unique position to be able to track news
consumption on a global scale. At any point in time, millions of PC
users (and growing numbers of Web-connected mobile phone users) are
viewing news on the Internet.
Some of the 100 participating news sites include the U.S.-centered
NBC, XM Satellite Radio and ESPN, LeMonde in France and the global
audiences of CNN.com and Reuters.com.
Other major sites in the Americas, Europe and Asia cannot be named,
Sagan said. "We think we have a pretty representative sample" of the
world's major Internet news sites, he said.
When news breaks, studies show that the Internet is displacing
television and print media for instant information. Sagan said the
index could act as early warning system on major news events, or for
retrospective trend research later.
"How do you measure an event of a certain magnitude?" Sagan asked. "No
one know what that means really," he said, adding that: "We are going
to let people draw their own conclusions."
Sagan hopes the service can be used to help reveal geographic and
sociological trends in public spectacles. Data generated by the index
could be used by advertisers and investors to map social patterns and
make buying decisions.
"How much did it grab public attention? What economic effect did the
news have?" Sagan asks. "We can get a real-time, exact view of the
data."
Copyright 2005 Reuters Limited.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily.
------------------------------
From: Dante Chinni <csm@telecom-digest.org>
Subject: Journalism's Fear and Loathing of Blogs
Date: Thu, 18 Aug 2005 11:13:40 -0500
http://www.csmonitor.com/2005/0809/p09s01-codc.html
By Dante Chinni
WASHINGTON - Mainstream journalism is running scared. It's watching
its audience numbers decline and its public trust numbers
drop. Newspapers, magazines, and network television news have been
shaken by major scandals. The media have seen the future and it is
blogging.
Or at least that's the story this year. "Mainstream journalism,"
however you want to define it, has been under siege so long it's hard
to keep track of all the people, things, and outlets that were or are
still going to destroy it.
Blogs, or weblogs -- websites on which a person or a group of people
opines about events, reports what's been heard, or simply links to
other sites (many of which are also blogs) - are the latest concern
among journalists who look at them with curiosity and fear.
Many believe blogs are a dangerous direct competitor to mainstream
journalism -- a way for individuals and interest groups to reach
around the gatekeeper function that newspapers, magazines, TV, and
radio have traditionally held. Some even see them as the future of
journalism; an army of citizen journalists bringing the unfiltered
news to a public hungry for the inside dope.
"The latest, and perhaps gravest, challenge to the journalistic
establishment is the blog," Richard Posner wrote last week in The New
York Times Book Review. Actually Mr. Posner wrote about a lot of
challenges the media faced, but gave blogs a lot of space as he
spelled out their advantages. They bring expertise. They bring flair
and opinion. They bring more checks and balances than the mainstream
media.
"It's as if the Associated Press or Reuters had millions of reporters,
many of them experts, all working with no salary for free newspapers
that carried no advertising," he explained.
Ah, yes, in the future news will be bountiful and free with no
advertising. Can't beat that. If they throw in complimentary ice
cream we've really got something here.
Let me just say for the record, I have nothing against blogs. I
actually like them. Their formula of opinion, links, and reportage can
be refreshing -- though they are often short on the last part of that
mix. And the voices they enter into the media dialogue sometimes offer
perspectives that otherwise might never be heard.
But if you really look closely, all this "and in the future ..." talk
seems a bit far-fetched for a number of reasons.
For all the bloggers' victories (like raising questions about memos in
CBS's Bush/National Guard story) there are numerous failures
(gossiping about John Kerry's affair that never happened or how the
presidential election was rigged in Ohio). And most bloggers simply
don't have time or staff to, say, launch an investigation into the
internal workings of the Department of State. Getting leaks and tips
is one thing, digging for the fuller story is quite another.
But the main reason blogs can't really supplant the mainstream media
is what they cover. If you go looking for blogs about national
politics, foreign affairs, celebrities or (yes) the media, you won't
go wanting. In fact, every one of the country's top 10 most visited
blogs deals with one of these subjects, according to
www.truthlaidbear.com itself a "portal to the blogosphere."
That's not really that surprising. To be a serious blogger - one who
can devote his time and energy to the job - one needs to make a name
for himself, sell ad space, and get paid. And to make a name, sell ad
space, and get paid, one needs a national audience.
In other words, if you live in, say, Grand Rapids, Mich. and are
looking for the latest developments on the construction on the nearby
highway, or the city council budget, or a millage dispute - things
that impact people in very real ways -- you're not going to have much
luck in the blogosphere.
Even large cities and state capitals, except for those that are part
of the media/government industrial complex, are relatively blog
free. And it's hard to see how that will change.
The number of people interested in devoting their life to things like
local zoning rules is a bit more limited than those interested in
national politics. Getting paid to do it would probably be all but
impossible. And that's a problem.
For all the fretting, blogging ultimately is bound to be less a
replacement for the traditional media than a complement. The fact is,
journalism's most critical responsibilities in a democratic society --
seeking, reporting, and analyzing news and holding people accountable
-- aren't easy to fulfill.
People rightly point out that the media often fail at those
tasks. It's just hard to see how making it a volunteer position or a
part-time job could improve the situation.
. Dante Chinni writes a twice-monthly political opinion column for the
Monitor.
Copyright 2005 The Christian Science Monitor.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. Read the Christian Science Monitor at our web site
daily. http://telecom-digest.org/td-extra/nytimes.html (upper right column).
*** FAIR USE NOTICE. This message contains copyrighted material the
use of which has not been specifically authorized by the copyright
owner. This Internet discussion group is making it available without
profit to group members who have expressed a prior interest in
receiving the included information in their efforts to advance the
understanding of literary, educational, political, and economic
issues, for non-profit research and educational purposes only. I
believe that this constitutes a 'fair use' of the copyrighted material
as provided for in section 107 of the U.S. Copyright Law. If you wish
to use this copyrighted material for purposes of your own that go
beyond 'fair use,' you must obtain permission from the copyright
owner, in this instance, Christian Science Publishing Society.
For more information go to:
http://www.law.cornell.edu/uscode/17/107.shtml
------------------------------
From: Rob Slade <rslade@sprint.ca>
Organization: Vancouver Institute for Research into User
Date: Thu, 18 Aug 2005 10:38:36 -0800
Subject: Book Review: "Honeypots for Windows", Roger A. Grimes
Reply-To: rslade@sprint.ca
BKHNPTWN.RVW 20050614
"Honeypots for Windows", Roger A. Grimes, 2005, 1-59059-335-9, U$39.99
%A Roger A. Grimes roger@banneretcs.com
%C 2560 Ninth Street, Suite 219, Berkeley, CA 94710
%D 2005
%G 1-59059-335-9
%I Apress
%O U$39.99 510-549-5930 fax 510-549-5939 info@apress.com
%O http://www.amazon.com/exec/obidos/ASIN/1590593359/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/1590593359/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/1590593359/robsladesin03-20
%O Audience i+ Tech 2 Writing 1 (see revfaq.htm for explanation)
%P 392 p.
%T "Honeypots for Windows"
Now, we all know that honeypots can be fun: turning the tables on the
blackhats, and watching what they are doing for once. We'll even
acknowledge that the information honeypots provide can be useful,
teaching us the types of approaches and activities that intruders are
likely to undertake. But Grimes, in the introduction, stresses the
position that honeypots are important security tools used for
protection: that the extensive employment of honeypots will somehow
"put an end" to script kiddies and the myriad attacks we see flying
around the nets.
Part one is about general honeypot concepts. Chapter one is an
introduction to honeypots, looking at different honeypots and some
common attack types, and has an extremely terse mention of the fact
that there are risks associated with using honeypots. Components and
simple topologies for honeypots are listed in chapter two.
Part two moves specifically to Windows honeypots. Chapter two lists
the ports that a Windows computer typically has open, and provides
some (but not much) information on how the major ones work. A set of
questions to ask yourself about how you want to operate and configure
your honeypot are in chapter three, along with generic advice about
hardening the computer if you use Windows as the native operating
system. There is a table of services that you might want to turn off.
There is also an inventory of programs you may wish to remove: it
contains rather dated entries such as edlin.exe, but doesn't mention
items such as tftp.exe. Chapters five to seven are concerned with the
honeyd program and its Windows port, first in regard to description
and installation, then configuration options, and finally service
scripts. Other honeypot programs; Back Officer Friendly (BOF),
LaBrea, SPECTER, KFSensor, Patriot Box, and Jackpot; are outlined in
chapter eight, with the commercial entries getting the bulk of the
space.
Part three deals with the operation of honeypots. Chapter nine has
some basic traffic analysis information, mostly documentation for the
use of the Ethereal packet sniffer and the Snort intrusion detection
system. A number of tools for monitoring your system are listed in
chapter ten. Even though the title is "Honeypot Data Analysis," most
of chapter eleven records more monitoring tools. Grimes reprises some
of his stuff from "Malicious Mobile Code" (cf. BKMLMBCD.RVW), and adds
a catalogue of assembly tools, to talk about analysing such code in
chapter twelve.
As a compilation of utilities, the book will probably be a handy
reference for those who are interested in trying out a honeypot, or
possibly just getting more information from their Windows computer.
Network administrators who are seriously interested in actually
running a honeypot or reviewing the data thus collected should
probably look into "Know Your Enemy" (cf. BKKNYREN.RVW) or "Honeypots"
(cf. BKHNYPOT.RVW), both by Spitzner.
copyright Robert M. Slade, 2005 BKHNPTWN.RVW 20050614
====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu
In theory, there is no difference between theory and practice,
but, in practice, there is. - Jan L.A. van de Snepscheut
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
------------------------------
Date: Thu, 18 Aug 2005 13:15:30 EDT
From: USTelecom dailyLead <ustelecom@dailylead.com>
Subject: SBC Picks Motorola, S-A For Set-Tops
USTelecom dailyLead
August 18, 2005
http://www.dailylead.com/latestIssue.jsp?i=23947&l=2017006
TODAY'S HEADLINES
NEWS OF THE DAY
* SBC picks Motorola, S-A for set-tops
BUSINESS & INDUSTRY WATCH
* Yahoo! denies VoIP report
* Nokia: No deal with Apple
* BellSouth targets small businesses
* Intel launches wireless cities initiative
USTELECOM SPOTLIGHT
* New! The USTelecom IP Video Implementation & Planning Guide
EMERGING TECHNOLOGIES
* Verizon Wireless to test next-generation 3G technology
* VoIP phones hitting their wireless stride
REGULATORY & LEGISLATIVE
* Sprint Nextel disputes value of Nextel Partners
Follow the link below to read quick summaries of these stories and others.
http://www.dailylead.com/latestIssue.jsp?i=23947&l=2017006
Legal and Privacy information at
http://www.dailylead.com/about/privacy_legal.jsp
SmartBrief, Inc.
1100 H ST NW, Suite 1000
Washington, DC 20005
------------------------------
From: Lee Sweet <lee@datatel.com>
Date: Thu, 18 Aug 2005 09:06:37 -0400
Subject: More on Verizon FioS Requirements
A bit of reading at Broadband Reports' in the FiOS forum would give a
better picture of life in the real Verizon installation world :-) See
http://www.dslreports.com/forum/vzfiber
Verizon technically does say all that's been reported about removing
your copper and requiring use of their router, but:
1. There are many reports that they will leave the original voice
copper if you request it. (I don't know if you can use it for 3rd
party DSL, VZN probably won't give the wire to them, especially now
with the recent FCC decisions [did that mean they didn't have to,
period, or they could charge what they wanted?]; you may be able to
retain your VZN voice on it in places where FiOS is optional, and then
only have Internet on FiOS)
2. There are also many reports that you can have the installers use
the supplied 'mandatory' router to test/bring up the connection, shut
it down, and then use your old router (any router that can do PPPoE),
and be fine. You will want to have their router around to plug in,
because it has special diagnostics they can access from their end, but
there is no special reason to use it, per se. (This is particularly
of note for those that want to use Vonage, etc., adapters, and don't
want to cascade routers.)
Also, there have been many discussions at BBR about the battery
backup, with people not understanding that some COs also only have 8-
12 hours of battery and being all upset that 'the phone will die in 6
hours' or whatever. Me, when I get FiOS (I have no choice, you may
recall), I'm going to put a 1500VA APC UPS in back of the VZN backup
to run the thing for 24 hours, I hope.
(Yes, I have a non-cordless phone to use with it. :-) )
Lee Sweet
Datatel, Inc.
Manager of Telephony Services
and Information Security
How higher education does business.
Voice: 703-968-4661
Cell: 703-932-9425
Fax: 703-968-4625
lee@datatel.com
www.datatel.com
------------------------------
From: hancock4@bbs.cpcn.com
Subject: 4-Wire Echo Suppression Conference Calls (WU Tech Review)
Date: 18 Aug 2005 09:41:09 -0700
The Western Union Technical Review had an article describing how they
utilized four-wire connections for voice conference calls to suppress
echos. A notable feature was that the four wires apparently went all
the way to the subscriber set. Another features was that conference
calls were set up automatically by dialing various codes. They used
an Ericsson crossbar switch on the WU voice network. Fall 1968.
The article goes into considerable technical detail.
See:
http://massis.lcs.mit.edu/telecom-archives/archives/technical/western-union-tech-review/22-4/p144.htm
------------------------------
Date: Thu, 18 Aug 2005 12:39:54 EDT
From: Carl Moore <cmoore@ARL.ARMY.MIL>
Subject: AP Article "New N.Y. Law Targets Hidden Net Tolls"
1st paragraph says:
"A new law that's apparently the first in the nation threatens to
penalize Internet service providers that fail to warn users that some
dial-up numbers can ring up enormous long- distance phone bills even
though they appear local." That law is in New York state.
Article notes that long distance within same area code can cost 8 to
12 cents a minute. As far as *I* can tell, the above warning is the
same as what I have seen in the front section of the Northeastern
Maryland phone book, where police and other public-service telephone
numbers are listed with the advice that some of those calls may be
toll.
------------------------------
From: mc <mc_no_spam@uga.edu>
Subject: Re: Online Scammers Pose as Company Executives in 'Spear-Phishing'
Date: Thu, 18 Aug 2005 10:25:36 -0400
This type of phishing by phone was already known by 1975. It was one of the
first computer security issues I ever heard about. "Hello, I'm from the
computer center [or, I'm in the corporate office] and I'm working on your
account. Can you tell me your password?"
[TELECOM Digest Editor's Note: Yes, it is an older style of phishing
and does go back twenty years at least. I do recall an office I worked
in during the early 1980's which had credit bureau terminal machines,
and on the wall behind the machines, a poster of a very stern looking
Uncle Sam, his fingers pursed over his lips, with a message saying
"Uncle Sam Wants YOU to Keep the Trust. Do not let other employees get
YOU in trouble ... neither your supervisor nor any executive of your
company is _ever_ going to ask you to provide them with your password,
nor ask you to 'pull a bureau report' for them personally, other than
in the regular course of your employment. If you receive a telephone
call from someone claiming to be in authority to do that, please let
your supervisor know immediatly." The message then concluded by
telling the penalties for doing so: "Under the law, providing credit
bureau information to an unathorized person is punishable by (whatever).
Why risk your job and your freedom by helping someone who claims to be
_your friend_ in this way? They're not your friend; they're just trying
to use you." Then a smaller picture of the stern Uncle Sam once again.
Finally at the bottom of the poster the statement, "Has anyone ever
bothered you in this way? Do you want to talk to someone about a
situation at your place of employment? Call 800 - (whatever) in complete
confidence." PAT]
------------------------------
From: hancock4@bbs.cpcn.com
Subject: Re: Broadband Competition Must Surely be Working
Date: 18 Aug 2005 09:56:42 -0700
jmeissen@aracnet.com wrote:
> What has now been confirmed by calls to Verizon is that
Verizon has installed fibre ("FIOS") in my area. However, they have
told me different things:
> - Once the fiber connection is established all services, including
> voice, are moved to the fiber and the copper wires are pulled,
> making it impossible to return to standard DSL in spite of the
> supposed 30-day trial period.
Only subscribers who sign up for FIOS will get fibre to their front
door. It is rather expensive to run the fibre and terminal box
(actually the terminal box is pricey) to your front door. The old
phone loop won't go anywhere.
> - They will absolutely NOT allow connections to other ISP's over
> the fiber connection, essentially limiting ISP's other than
> MSN to dialup customers.
They stressed this is not a regulated service. As such, they can
charge as they wish and run it as they wish. HOWEVER, anyone else can
run fibre just as they did. The cable company -- while it was still a
small outfit -- obviously was able to run fibre, so the field is open to
others.
They also need permission to run these lines, they don't have the
automatic ROW of a standard utility. While my _area_ overall has
FIOS, many specific sections do not have FIOS because permission was
not granted by the appropriate parties.
I also want to point out that this magical "competition" is no
guarantee of lower prices. There are a number of cellular phone
providers, but oddly enough, they all charge about the same and all
seem to be making very good money. That is, competition does NOT
automatically force down prices or improve service. Remember that
technology is better than ever and their costs should be lower than
the past. Economics include a multitude of factors, one of which is
demand.
In other words, right now many of us have a choice between phone
company DSL and cable company broadband. It just so happens that
prices of those are about the same. If a third provider showed up, do
you really think prices would go down? Not likely as long as demand
remained high.
As mentioned, anyone else can come in and run fibre and provide this
service if they wanted to.
------------------------------
From: Matt Simpson <msimpson@uky.edu>
Subject: Re: Broadband Competition Must Surely be Working
Organization: Yeah
Date: Thu, 18 Aug 2005 14:17:07 -0400
In article <telecom24.372.5@telecom-digest.org>, jmeissen@aracnet.com
wrote:
> So, while the landscape today includes a diverse collection of local
> and national ISP's with a range of services and cost options, the
> future will be dialup at $10-15/month or Comcast or Verizon/MSN at
> ~$50/mo. No more local businesses, no more local customer service, no
> choice of services.
For some of us, the current landscape does not include that "diverse
collection", and does not even include the more limited choice you
describe as the gloomy future. It includes ONLY dialup.
If the so-called "independent" ISPs want to be truly independent, and
not dependent on infrastructure owned by evil conglomerates, they can
provide broadband to those of us who would be happy with even a single
choice of broadband provider.
------------------------------
From: DevilsPGD <spamsucks@crazyhat.net>
Subject: Re: Not so Fast! 'xxx' Startup Put on Hold
Date: Thu, 18 Aug 2005 03:08:19 -0600
Organization: Disorganized
In message <telecom24.373.9@telecom-digest.org> Mark Crispin
<MRC@CAC.Washington.EDU> wrote:
> [TELECOM Digest Editor's Note: I want to just respond to one point
> which was stated by Mark ...
> Mark said "It would be difficult if not impossible to force the porn
> industry to be part of 'xxx'."
> Why would that be difficult, Mark? In many communities now, those
> places are required (just like taverns) to post notices that persons
> of minority age cannot be on the premises. It is not considered a
> free-association issue, but rather a matter of public policy and any
> challenges to the 'minors stay away' rule are always defeated. Why
> would it be a free-speech issue to impose on porn sites in the same
> way, with 'xxx' being the equivilent of a 'minors not allowed' sign?
> I have never yet seen a tavern, or a gay mens 'bathhouse', or an adult
> bookstore for example, which got anywhere trying to argue that that
> signs on the wall ordering minors to leave the premises were somehow
> an imposition on the establishment (or the patrons therein) rights of
> free speech or free association. Or, for that matter, a movie theatre
> (adult or otherwise) which attempted to enfore an 'X' or 'PG' rating
> making free speech claims, etc. So why would an internet establishment
> suddenly have that problem (assuming the law said that public policy
> dictated the protection of minors?
Go ahead and try to force me to move one of my customer's sites from a
.com to a .xxx site.
Where will you go? Your ISP? The police? Hire a lawyer and go to
court? Which court?
See, this internet thing surpasses jurisdictional boundaries. I'm in
Canada, my clients are in Canada, and unless a similar law was passed in
Canada, the best you'd get is a US court to agree that my site really
should be somewhere else, but that's about it.
Even if you got ICANN onboard, the site could be in .ca rather then
.com, and ICANN has no authority.
Next, there are literally millions of sites. With all the crime
existing in the world today, who exactly do you expect to pursue sites
appearing and disappearing daily?
Next, we have the question of who defines "adult" -- Again, the internet
is international. What your average rightwing nutjob in the US
considers "adult" or "offensive" may be common place and completely
legal in the less-inhibited portions of Europe -- The whole world isn't
as upright about breasts as Americans seem to be.
A more workable solution would be a .kids or .family TLD which would
specifically exclude adult material -- This would be enforceable, since
it would be controlled by a central authority under a single
jurisdiction, and anyone who wanted to purchase a domain in that TLD
would need to agree to appropriate terms.
> One thing that 'xxx' _would_ do is provide a good screening and
> filtering mechanism for 'adult' purveyors who did _not_ want to be
> bothered by kids coming around, etc (when combined with their other
> validation techniques such as credit card proof of age, etc.). People
> who were so inclined could filter out 'xxx' in the same way they can
> filter out other spam and trash. What's your objection to that? PAT]
There are already tons of techniques to allow legitimate pornographic
sites to keep children away. If you use Internet Explorer, go to
Tools --> Options --> [Content], click the "Content Advisor"'s
[Enable] button, and set some appropriate ratings.
------------------------------
From: Mark Crispin <mrc@CAC.Washington.EDU>
Subject: Re: Not so Fast! 'xxx' Startup Put on Hold
Date: Thu, 18 Aug 2005 12:34:47 -0700
Organization: University of Washington
Pat writes:
> Mark said "It would be difficult if not impossible to force the porn
> industry to be part of 'xxx'."
> Why would that be difficult, Mark? In many communities now, those
> places are required (just like taverns) to post notices that persons
> of minority age cannot be on the premises.
First, you must understand that what is being discussed is access
restriction; that is, a definition of "pornography" such that material
declared to be "pornographic" must be accessed only via an .xxx TLD.
Second, you must understand that a community is a local jurisdiction.
Within that jurisdiction, the definition of "booze" and "pornography",
for the purposes of access restrictions, can be well-defined.
The Internet is not a local jurisdiction. The only way that you can
avoid having "pornography" being available outside of the .xxx TLD on
the Internet is to declare that *all* material that *any* authority
declares to be "pornographic" must be placed within the .xxx TLD.
In other words, the effect of what you are advocating is that the
standards of Tehran are to apply to an Internet cafe in San Francisco.
This problem with variation in standards stymied an attempt to achieve
a national concensus in the USA on what constitutes pornography that
needs to be access-restricted. Remember the ill-fated Meese
Commission?
Internationally, material that is considered vile pornography in the
USA is considered to be "art" in certain other countries. Material
that is considered to be ordinary in the USA (such as a photo of you
with your wife with her head uncovered) are considered to be vile
pornography in Tehran and Mecca.
What about the romance novels that adult women (and teenaged girls)
consume in vast quantities? Many of these contain material that would
make a Playboy reader blush.
More to the point: I'll wager that I have a very different definition of
what constitutes "pornography that should be locked inside the .xxx TLD"
than your definion.
How dare you expose my kids to this vile pornography that you choose to
exclude from the .xxx TLD?
How dare you deny my kids access to art, literature, and medical
information that you misguidedly placed within the .xxx TLD?
Simplistic answers to complex problems turn out to be not as simple as
they seem.
-- Mark --
http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.
[TELECOM Digest Editor's Note: Also see article on how substantially
child porn is growing on the net elsewhere in this issue of the
Digest. PAT]
------------------------------
TELECOM Digest is an electronic journal devoted mostly to telecomm-
unications topics. It is circulated anywhere there is email, in
addition to various telecom forums on a variety of networks such as
Compuserve and America On Line, Yahoo Groups, and other forums. It is
also gatewayed to Usenet where it appears as the moderated newsgroup
'comp.dcom.telecom'.
TELECOM Digest is a not-for-profit, mostly non-commercial educational
service offered to the Internet by Patrick Townson. All the contents
of the Digest are compilation-copyrighted. You may reprint articles in
some other media on an occasional basis, but please attribute my work
and that of the original author.
Contact information: Patrick Townson/TELECOM Digest
Post Office Box 50
Independence, KS 67301
Phone: 620-402-0134
Fax 1: 775-255-9970
Fax 2: 530-309-7234
Fax 3: 208-692-5145
Email: editor@telecom-digest.org
Subscribe: telecom-subscribe@telecom-digest.org
Unsubscribe:telecom-unsubscribe@telecom-digest.org
This Digest is the oldest continuing e-journal about telecomm-
unications on the Internet, having been founded in August, 1981 and
published continuously since then. Our archives are available for
your review/research. We believe we are the oldest e-zine/mailing list
on the internet in any category!
URL information: http://telecom-digest.org
Anonymous FTP: mirror.lcs.mit.edu/telecom-archives/archives/
(or use our mirror site: ftp.epix.net/pub/telecom-archives)
RSS Syndication of TELECOM Digest: http://telecom-digest.org/rss.html
For syndication examples see http://www.feedrollpro.com/syndicate.php?id=308
and also http://feeds.feedburner.com/TelecomDigest
*************************************************************************
* TELECOM Digest is partially funded by a grant from *
* Judith Oppenheimer, President of ICB Inc. and purveyor of accurate *
* 800 & Dot Com News, Intelligence, Analysis, and Consulting. *
* http://ICBTollFree.com, http://1800TheExpert.com *
* Views expressed herein should not be construed as representing *
* views of Judith Oppenheimer or ICB Inc. *
*************************************************************************
ICB Toll Free News. Contact information is not sold, rented or leased.
One click a day feeds a person a meal. Go to http://www.thehungersite.com
Copyright 2004 ICB, Inc. and TELECOM Digest. All rights reserved.
Our attorney is Bill Levant, of Blue Bell, PA.
************************
DIRECTORY ASSISTANCE JUST 65 CENTS ONE OR TWO INQUIRIES CHARGED TO
YOUR CREDIT CARD! REAL TIME, UP TO DATE! SPONSORED BY TELECOM DIGEST
AND EASY411.COM SIGN UP AT http://www.easy411.com/telecomdigest !
************************
Visit http://www.mstm.okstate.edu and take the next step in your
career with a Master of Science in Telecommunications Management
(MSTM) degree from Oklahoma State University (OSU). This 35
credit-hour interdisciplinary program is designed to give you the
skills necessary to manage telecommunications networks, including
data, video, and voice networks.
The MSTM degree draws on the expertise of the OSU's College
of Business Administration; the College of Arts and Sciences; and the
College of Engineering, Architecture and Technology. The program has
state-of-the-art lab facilities on the Stillwater and Tulsa campus
offering hands-on learning to enhance the program curriculum. Classes
are available in Stillwater, Tulsa, or through distance learning.
Please contact Jay Boyington for additional information at
405-744-9000, mstm-osu@okstate.edu, or visit the MSTM web site at
http://www.mstm.okstate.edu
************************
---------------------------------------------------------------
Finally, the Digest is funded by gifts from generous readers such as
yourself who provide funding in amounts deemed appropriate. Your help
is important and appreciated. A suggested donation of fifty dollars
per year per reader is considered appropriate. See our address above.
Please make at least a single donation to cover the cost of processing
your name to the mailing list.
All opinions expressed herein are deemed to be those of the
author. Any organizations listed are for identification purposes only
and messages should not be considered any official expression by the
organization.
End of TELECOM Digest V24 #374
******************************
| |