Computer underground Digest Sun Feb 2, 1997 Volume 9 : Issue 06 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Field Agent Extraordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #9.06 (Sun, Feb 2, 1997) File 1--USR's little booboo (fwd) File 2--ISOC 97 SYMP NETWORK & DISTRIBUTED SYSTEM SEC'Y (2nd anncmnt) File 3--InfoWarCon6 - Brussels, Belgium (fwd) File 4--Call for papers: 6CYBERCONF File 5--DC-ISOC Tidbits File 6--"DNS and BIND," and "Mastering Regular Expressions" File 7--"The Basics of Computer Security" by Bellcore File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Tue, 7 Jan 1997 00:15:18 -0500 (EST) From: "noah@enabled.com" Subject: File 1--USR's little booboo (fwd) From -Noah ---------- Forwarded message ---------- Date--Mon, 6 Jan 1997 18:55:35 -0600 (CST) From--Brett L. Hawn 56-kbps modem? Not quite By Jim Davis January 2, 1997, 5:30 p.m. PT U.S. Robotics (USRX), which has been leading the push for 56-kbps modem technology, has conducted preliminary tests showing that most consumers will be able to connect at higher speeds than with current modems--but not at the full 56 kbps. The company said the maximum downstream transmission speed will be limited to 53 kbps, not the 56 kbps originally promised. Federal Communications Commission regulations "limit the signal level" that digitally connected server equipment can transmit, the firm said. U.S. Robotics' x2 technology overcomes the speed limits of current 28.8-kbps modems based on the ISP having a direct connection to telephone companies' digital switches. The company said today that tests showed that "the vast majority" of users would be able to use x2 technology, while its modems would automatically default to lower speeds if such connections weren't possible. The test results were based on over 20,000 calls in seven Bell operating company regions, the firm said. U.S. Robotics says it is in beta testing of its products and expects to start shipping initial consumer products later this month. ------------------------------ Date: Mon, 13 Jan 1997 09:29:28 -0500 (EST) From: "noah@enabled.com" Subject: File 2--ISOC 97 SYMP NETWORK & DISTRIBUTED SYSTEM SEC'Y (2nd anncmnt) From -Noah ---------- Forwarded message ---------- Date--Fri, 10 Jan 1997 19:01:26 -0500 From--"David M. Balenson" PLEASE NOTE THE EARLY REGISTRATION AND HOTEL ROOM AVAILABILITY AND SPECIAL RATES DEADLINES ARE APPROACHING!! RESERVATIONS AT THE PRINCESS RESORT MUST BE MADE NO LATER THAN JAN 13TH FOR THE GOVERNMENT RATE, AND NO LATER THAN JAN 20TH FOR THE REDUCED GROUP RATE. EARLY REGISTRATION FOR THE SYMPOSIUM MUST BE POSTMARKED NO LATER THAN JAN 22ND. -------------------------------------------------------- THE INTERNET SOCIETY 1997 SYMPOSIUM ON NETWORK AND DISTRIBUTED SYSTEM SECURITY (NDSS '97) 10-11 FEBRUARY 1997 SAN DIEGO PRINCESS RESORT, SAN DIEGO, CALIFORNIA This fourth annual symposium will bring together researchers, implementors, and users of network and distributed system security technologies to discuss today's important security issues and challenges. It will provide a mix of technical papers and panel presentations that describe promising new approaches to security problems that are practical, and to the extent possible, have been implemented. We hope to foster the exchange of technical information and encourage the Internet community to deploy available security technologies and develop new solutions to unsolved problems. WHY YOU SHOULD ATTEND The use of the Internet is rapidly growing and expanding into all aspects of our society. Commercial organizations are coming under increasing pressure to make their services available on-line. This in turn is increasing the need for rapid and widespread deployment of usable and effective network and distributed system security technologies. High visibility attacks on the Internet underscore the vulnerabilities of the Internet and the need to solve its security problems. There is growing concern for securing the network infrastructure itself. Recent trends in software distribution (such as Java and ActiveX technologies) have made certain attacks easier to carry out. Privacy has become an important issue for the Internet. NDSS '97 will bring together researchers, implementors, and users of network and distributed system technologies to discuss today's important security issues and challenges. We have selected the technical papers and panel presentations that describe promising new approaches to security problems that are practical, and to the extent possible, have been implemented. Topics to be addressed include Internet infrastructure and routing security, security for the World Wide Web, Java and ActiveX security, cryptographic protocols, public key management, and protection of privacy. The symposium will have a positive impact on the state of Internet security. You will have the opportunity to actively participate in the dialog. Ask questions of the speakers, raise your important issues during the panel sessions, and let other participants know of your requirements, observations, and experience in this important area. We hope to encourage the wide-scale deployment of security technologies and to promote new research that can address the currently unmet security needs of the Internet community. Additional information about the symposium and San Diego, plus on-line registration, are available via the Web at: http://www.isoc.org/conferences/ndss97 SPONSORSHIP OPPORTUNITIES AVAILABLE! Contact Torryn Brazell at the Internet Society at +1-703-648-9888 or send E-mail to Ndss97reg@isoc.org. ------------------------------ Date: Mon, 13 Jan 1997 08:47:48 -0500 (EST) From: "noah@enabled.com" Subject: File 3--InfoWarCon6 - Brussels, Belgium (fwd) ---------- Forwarded message ---------- Date--Sun, 12 Jan 1997 23:11:16 -0500 From--"Betty G. O'Hearn" D I S T R I B U T E W I D E L Y CONFERENCE ANNOUNCEMENT InfoWarCon 6: "War By Other Means" Economic Espionage, CyberTerrorism and Information Assurance Brussels, Belgium May 8 - 9, 1997 Pre-Conference Tutorials: May 7, 1996 Sponsored by: National Computer Security Association / www.ncsa.com Winn Schwartau, Interpact, Inc. / www.infowar.com Open Source Solutions, Inc, / www.oss.net Honorary Chairperson: Judge Danielle Cailloux Investigating Magistrate, Member of the Committee to Control the Intelligence Services, Belgium Information Warfare is no longer just for the military or government. InfoWar is a legitimate concern for the private sector and law enforcement - everywhere. Hundreds of representatives from over thirty countries will interact at InfoWarCon 6 with world-class presenters in an open-source, unclassified forum to provide workable, real-world solutions to the commercial, legal and technical problems we face. Over two days, the three tracks and plenary sessions will focus on: 1. Military, Intelligence, Nation-States and Government Contractors. What are their special needs and concerns. Leaders from all areas will bring you current with their approaches. 2. Cyberterrorism and Crime: Law Enforcement, Domestic, National and International. Case histories and experience from those who know will provide the foundation for solutions and cooperation to a spreading problem. 3. The Private Sector and Commercial Infrastructure: Leading experts on information assurance will provide new models for security, management and infrastructure protection. Optional Pre-Conference Tutorials (May 7) > Three Pre-Conference tutorials will be offered to get the non-technical manager, law enforcement or government representative 'up to speed' on InfoWar: > >A. Open Source Intelligence. Robert Steele, ex-CIA case officer and intelligence professional, will teach you how and why the smart nation and competitive private company needs to use information gathering to his best advantage. A full day of extraordinary information and materials. > B. Information Security Basics. Dr. Mich Kabay, NCSA's Dir. of Education will take the non-technical manager on a three and one half hour tour of the fundamentals of information security. Essential knowledge for anyone involved with information warfare, cyberterrorism or defending against them. C. The Basics of Information Warfare and Cyberterrorism.Winn Schwartau, the man who wrote the books on Cyber-terrorism and Information Warfare, will teach the >non-technical participant the ins and outs in a fascinating 3 1/2 hour session. >For Registration Information > Kim Imler > Voice: (717) 241-3226 > Fax: (717) 243-8642 > Email: kimler@ncsa.com > WWW: www.Infowar.com > www.ncsa.com > >Sponsorship Opportunities - Multiple level sponsorship >opportunities and exhibit space is available. Contact: > Harry Brittain > Voice: (717) 241-3258 > Fax: (717) 243-8642 > Email: hbrittain@ncsa.com > >MARK YOUR CALENDARS: > >InfoWarCon 7, >Sept. 11-12, 1997 >Washington D.C. >Submit Abstracts and Papers to: >Betty@infowar.com DIRECT REQUESTS to: list@infowar.com with one-line in the BODY, NOT in the subject line. Subscribe infowar TO JOIN GROUP Unsubscribe infowar TO LEAVE GROUP Help infowar TO RECEIVE HELP TO POST A MESSAGE: E-Mail to infowar@infowar.com _____________________________________________________ Infowar.Com Interpact, Inc. Winn Schwartau winn@infowar.com http://www.infowar.com 813-393-6600 Voice 813-393-6361 FAX Sponsor Opportunities/Comments/Help Betty G. O'Hearn Assistant to Winn Schwartau http://www.infowar.com betty@infowar.com 813-367-7277 Voice 813-363-7277 FAX ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Betty G. O'Hearn Assistant to Winn Schwartau http://www.infowar.com betty@infowar.com 813-367-7277 Voice 813-363-7277 Data/FAX "Success is to be measured not so much by the position that one has reached in life as by the obstacles which he has overcome while trying to succeed. ~~~Booker T. Washington~~~ ------------------------------ Date: Thu, 30 Jan 1997 18:05:13 -0600 From: " Monique J. Lemaitre" Subject: File 6--"DNS and BIND," and "Mastering Regular Expressions" FOR IMMEDIATE RELEASE January 8, 1997 PRESS ONLY--FOR REVIEW COPIES, CONTACT: Sara Winge 707/829-0515 sara@ora.com NEW EDITION OF O'REILLY'S CLASSIC NUTSHELL HANDBOOK "DNA AND BIND" SEBASTOPOL, CA-O'Reilly & Associates announces the publication of the second edition of "DNS and BIND," a complete guide to the Internet's Domain Name System (DNS) and the Berkeley Internet Name Domain (BIND) software, the UNIX implementation of DNS. The new edition also covers using DNS and BIND with Windows NT. It's a complete update of this classic Nutshell Handbook, which has served as *the* source of information on DNS and BIND for system administrators who manage domain or name servers. DNS is the system that translates hostnames (like "rock.ora.com") into Internet addresses (like 192.54.67.23). Until BIND was developed, name translation was based on a "host table"; if you were on the Internet, you got a table that listed all the systems connected to the Net and their addresses. As the Internet grew from hundreds to hundreds of thousands of systems, host tables became unworkable. DNS is a distributed database that solves the same problem effectively, allowing the Net to grow without constraints. Rather than having a central table that gets distributed to every system on the Net, it allows local administrators to assign their own hostnames and addresses and install these names in a local database. This database is automatically distributed to other systems as names are needed. In this new edition of "DNS and BIND," the authors describe Bind version 4.8.3, which is included in most vendor implementations today. In addition, readers will find complete coverage of Bind 4.9.4, which in all probability will be adopted as the new standard in the near future. In addition to covering the basic motivation behind DNS and how to set up the BIND software, this book covers many more advanced topics, including how to become a "parent" (i.e., "delegate" the ability to assign names to someone else); how to use DNS to set up mail forwarding correctly; debugging and troubleshooting; and programming. # # # DNS and BIND, 2nd Edition By Paul Albitz & Cricket Liu 2nd Edition December 1996 438 pages, ISBN: 1-56592-236-0, $32.95 US ========================================================================= FOR IMMEDIATE RELEASE January 10, 1997 PRESS ONLY--FOR REVIEW COPIES, CONTACT: Sara Winge 707/829-0515 sara@ora.com O'REILLY RELEASES "MASTERING REGULAR EXPRESSIONS" SEBASTOPOL, CA--Programmers who delve into O'Reilly and Associates' new book "Mastering Regular Expressions" can save themselves time and aggravation while dealing with documents, mail messages, log files--any type of text or data--by tapping the power of regular expressions. For example, regular expressions can play a vital role in constructing a World Wide Web CGI script, which can involve text and data of all sorts. Those who don't use regular expressions yet will discover a whole new world of mastery over their data in "Mastering Regular Expressions." Experienced users will appreciate the book's unprecedented detail and breadth of coverage. Regular expressions are not a tool in and of themselves, but are included as part of a larger utility. The classic example is grep. These days, regular expressions can be found everywhere, such as in: - scripting languages (including Perl, Tcl, awk, and Python) - editors (including Emacs, vi, and Nisus Writer) - programming environments (including Delphi and Visual C++) - specialized tools (including lex, Expect, and sed) While many of these tools originated on UNIX, they are now available for a wide variety of platforms, including DOS/Windows and MacOS. Additionally, many favorite programming languages (even Java) offer regular-expression libraries, so programmers can include support for them in their own programs. For years, author Jeffrey Friedl has helped people on the Net understand and use regular expressions. In "Mastering Regular Expressions" he goes beyond mechanics and initiates readers to the art of using regular expressions. Friedl shares the subtle but valuable ways to think when using regular expressions as he leads readers through the process of crafting a regular expression to get the job done. Regular expressions are not used in a vacuum. In this book, a variety of tools are examined and used in an extensive array of examples. Perl, in particular, is very well represented throughout the book, with a major chapter dedicated entirely to it alone. Perl is extremely well-endowed with rich and expressive regular expressions. Yet what is power in the hands of an expert can be fraught with peril for the unwary--"Mastering Regular Expressions" shows readers how to navigate the minefield and become true masters of the art of regular expressions. # # # Mastering Regular Expressions: Powerful Techniques for Perl and Other Tools By Jeffrey E. F. Friedl 1st Edition January 1997 368 pages, ISBN: 1-56592-257-3, $29.95 US ------------------------------ Date: Tue, 28 Jan 1997 12:08:42 EST From: "Rob Slade, doting grandpa of Ryan & Trevor" Subject: File 7--"The Basics of Computer Security" by Bellcore VDBSCMSC.RVW 961019 "The Basics of Computer Security", Bellcore, 1995, 1-57305-047-4, U$695.00 %A Bellcore %C Room 3A184, 8 Corporate Place, Piscataway, NJ 08854 %D 1995 %G 1-57305-047-4 %I Bellcore %O U$695.00 +1-800-521-CORE +1-908-699-5800 fax: +1-908-336-2559 %O llavoie@notes.cc.bellcore.com mgordon2@notes.cc.bellcore.com %P 130 minutes %T "The Basics of Computer Security" Essentially, this series of three short video tapes contains the rough equivalent of three introductory chapters of a basic security text. There is an introduction to computer security in general, an introduction to application security, and an introduction to application security review or audit. The material is presented at a level suitable to the user, or perhaps a non-technical manager. The format is the standard talking head interspersed with slides. The material on the slides is reprinted in booklets packaged with the tapes. The content is generally reliable, although sometimes the advice on minor matters is questionable. Overall organization is good, but some sections are poorly planned and repetitive. copyright Robert M. Slade, 1996 VDBSCMSC.RVW 961019 ------------------------------ Date: Thu, 15 Dec 1996 22:51:01 CST From: CuD Moderators Subject: File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (860)-585-9638. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) In ITALY: ZERO! BBS: +39-11-6507540 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #9.06 ************************************