Ajay Agrawal | 1 Jan 08:04 2008
Picon

Re: OT: IP of the originating machine from a gmail email

Nikhil,

What I understand from the question of Saqib -he is
asking if someone has sent mail using gmail account
how can you see the IP address of workstation/pc from
where it was sent. Gmail do not provide any IP details
but it do provide messange ID which is unique and
google have record for that message id belongs to
which IP.
--- Nikhil Wagholikar <visitnikhil <at> gmail.com> wrote:

> Hello Saqib,
> 
> Definitely you can know who within this world has
> sent you email. For
> this you need to perform email header analysis.
> Since you asked
> specifically for GMAIL, the way to see header
> information in Gmail is
> to click on "Show original" in the mail opened from
> inbox. This is the
> same place where you get the option of Reply, Reply
> to All, Forward
> etc.
> This is mostly possible if the sender has preferred
> to send email via
> a MUA and not through typical web-base of Gmail.
> 
> In the header, you can check for the string named
> 
(Continue reading)

Worrell, Brian | 2 Jan 13:37 2008

RE: microsoft updates

Many Pirated copies of XP I have seen where infected with Trojans or had
files missing in the first place.  

But that aside, if M$ let people update pirated copies, would that not
let more people think they can pirate it, rather than buy it? Which
would make a larger bot network by your theory?

Brian

-----Original Message-----
From: listbounce <at> securityfocus.com [mailto:listbounce <at> securityfocus.com]
On Behalf Of Ansgar -59cobalt- Wiechers
Sent: Monday, December 31, 2007 4:14 PM
To: security-basics <at> securityfocus.com
Subject: Re: microsoft updates

On 2007-12-31 Dave Koontz wrote:
> Umm... check out Windows Genuine Advantage.  Pirated copies will fail 
> updates (as they should).

No, they shouldn't. Not being able to update won't magically make people
buy Windows instead of running pirated copies. They'll just cease
updating, so we'll continue to have a healthy bot population. Thank you,
Microsoft.

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
(Continue reading)

David Harley | 1 Jan 12:42 2008
Picon

RE: microsoft updates

> They'll just cease updating, so we'll continue to have a 
> healthy bot population. Thank you, Microsoft.

Microsoft seem to agree with you. This is what it actually says on the
Genuine Advantage web site in the FAQ section: 

Q:  	Will users of non-genuine Windows be blocked from receiving security
updates?
A: 	No. Regardless of genuine status, users will not be denied access to
critical security updates. Users who have not validated their computers as
genuine, however, will not be able to install many updates, including
Internet Explorer 7.0 and Windows Defender. Microsoft strongly recommends
that users of non-genuine systems correct their problem immediately. 

As far as I remember, this has been their position for quite a while.

--

-- 
David Harley CISSP, Small Blue-Green World
Security Author/Editor/Consultant/Researcher
AVIEN Administrator - http://www.avien.org
Blogs: http://blogs.securiteam.com, http://dharley.wordpress.com/
AVIEN book: http://www.smallblue-greenworld.co.uk/Avien.html

Dixon, Wayne | 2 Jan 14:57 2008
Picon
Picon

RE: microsoft updates

If I'm not mistaken, Windows updates will update Pirated copies (via
automatic updates only, not the Microsoft update website).  It will only
update the critical updates, not the optional updates and drivers.

Wayne

Wayne

-----Original Message-----
From: listbounce <at> securityfocus.com [mailto:listbounce <at> securityfocus.com]
On Behalf Of Ansgar -59cobalt- Wiechers
Sent: Monday, December 31, 2007 3:14 PM
To: security-basics <at> securityfocus.com
Subject: Re: microsoft updates

On 2007-12-31 Dave Koontz wrote:
> Umm... check out Windows Genuine Advantage.  Pirated copies will fail 
> updates (as they should).

No, they shouldn't. Not being able to update won't magically make people
buy Windows instead of running pirated copies. They'll just cease
updating, so we'll continue to have a healthy bot population. Thank you,
Microsoft.

Regards
Ansgar Wiechers
--

-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available." --Jason Coombs on Bugtraq

(Continue reading)

pinowudi | 2 Jan 01:45 2008
Picon

Re: Securing Email

Tumbleweed offers a mail gateway that encrypts all email in transit
between trusted partners and send the recipient a link for untrusted
domains.  Link addresses the Tumbleweed HTTPS server, where the user
presents some authentication from the message to receive the content of
the email over HTTPS webmail-like interface.  The idea is that no data
leaves the trusted enclaves unencrypted.

Deanosaur wrote:
> If you are using Exchange, native Outlook can perform secure email sign
> and encrypt easily.  Why not use that instead of a 3rd party product.
> 
> 
> ----- Original Message ----- From: "Jonathan Smith"
> <smithj <at> freethemallocs.com>
> To: <security-basics <at> securityfocus.com>
> Cc: "JD Brown" <jd.brown <at> smallenoughtocare.com>
> Sent: Saturday, December 22, 2007 7:55 AM
> Subject: Re: Securing Email
> 
> 
>> On Friday 21 December 2007 14:52, JD Brown wrote:
>>> Hi list, I would like to get some suggestions regarding products out
>>> there to secure email.  Preferably, I'd like to see an appliance that
>>> could make the process as transparent as possible to the user.  Any
>>> input would be greatly appreciated.
>>
>> Secure against... what? There's only so much you can do to secure email
>> without greatly affecting your users, but I'll list a few suggestions.
>>
>> * Configure SMTP mail servers to use TLS. for clients which use tls
(Continue reading)

Ansgar -59cobalt- Wiechers | 2 Jan 16:24 2008
Picon

Re: microsoft updates

On 2008-01-02 Worrell, Brian wrote:
> On Monday, December 31, 2007 4:14 PM Ansgar -59cobalt- Wiechers wrote:
>> On 2007-12-31 Dave Koontz wrote:
>>> Umm... check out Windows Genuine Advantage.  Pirated copies will
>>> fail updates (as they should).
>> 
>> No, they shouldn't. Not being able to update won't magically make
>> people buy Windows instead of running pirated copies. They'll just
>> cease updating, so we'll continue to have a healthy bot population.
>> Thank you, Microsoft.
> 
> Many Pirated copies of XP I have seen where infected with Trojans or
> had files missing in the first place.  
> 
> But that aside, if M$ let people update pirated copies, would that not
> let more people think they can pirate it, rather than buy it? Which
> would make a larger bot network by your theory?

I don't think that prohibiting updates (or making updating an annoyance)
for users of pirated copies will have much influence on the sold to
pirated copies ratio. Like I said before it's much more likely that
people will continue to run pirated copies and simply stop updating.

So, without WGA you have a significant number of pirated copies with a
nonzero chance that they will be patched up. With WGA you'll have
roughly the same number of pirated copies, only now most of them won't
be patched.

I'd say it's rather clear which scenario makes the larger bot net.

(Continue reading)

mgk.mailing | 2 Jan 10:37 2008

OpenSSL question

Hi All

I'm Working on a certificate authority using open ssl and have been for 
the most part successful over the last 6 months.  Now the trial period 
is over there has been one thing i keep stubbing my toe on and i was 
hoping someone would be able to help/point me in the right direction. 

I am trying to encode the CRL location into the certificates so that 
they can be automatically updated to revoked certificates.  I know that 
alot of devices allow you to specify the address manually but was hoping 
that you could generate it as part of either the root CA certificate, 
Signed device certificate or the signed crl.

Does anyone have any ideas as google is quiet dry on the subject (or 
maybe my terms are incorrect).

Thanks in advance for any help.

Ansgar -59cobalt- Wiechers | 2 Jan 16:49 2008
Picon

Re: microsoft updates

On 2008-01-02 Dead Sector wrote:
> On Dec 31, 2007 3:14 PM, Ansgar -59cobalt- Wiechers wrote:
>> On 2007-12-31 Dave Koontz wrote:
>>> Umm... check out Windows Genuine Advantage.  Pirated copies will
>>> fail updates (as they should).
>>
>> No, they shouldn't. Not being able to update won't magically make
>> people buy Windows instead of running pirated copies. They'll just
>> cease updating, so we'll continue to have a healthy bot population.
>> Thank you, Microsoft.
> 
> it's not supposed to make people buy windows, It is supposed to make
> people stop using pirated copies of windows.

Which it won't.

> and they'll just cease updating and it it microsoft's fault? what
> operating system accepts responsibility for the user's actions?

It was Microsoft's decision to make updating (not pirating!) harder.

Regards
Ansgar Wiechers
--

-- 
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html

Tom Yarrish | 1 Jan 01:54 2008

Re: microsoft updates

If memory serves, there was an article via Slashdot about a year or  
more ago. It stated that Microsoft would provide "critical" security  
updates even to pirated copies. All other updates would fail the WGA  
check.

Tom

On Dec 31, 2007, at 3:14 PM, Ansgar -59cobalt- Wiechers <bugtraq <at> planetcobalt.net 
 > wrote:

> On 2007-12-31 Dave Koontz wrote:
>> Umm... check out Windows Genuine Advantage.  Pirated copies will fail
>> updates (as they should).
>
> No, they shouldn't. Not being able to update won't magically make  
> people
> buy Windows instead of running pirated copies. They'll just cease
> updating, so we'll continue to have a healthy bot population. Thank  
> you,
> Microsoft.
>
> Regards
> Ansgar Wiechers
> -- 
> "All vulnerabilities deserve a public fear period prior to patches
> becoming available."
> --Jason Coombs on Bugtraq

Bill Lavalette | 1 Jan 14:01 2008

RE: Port-Knocking vulnerabilities?


I think Brent was right in saying get a real Firewall/VPN installed. I
believe the original thread on this was that there was a weird ssh mech that
the user found and was wondering why. We have swayed way past the advice
point on this thread IMHO. It appears that the company in question is using
a practice that was acceptable in the mid 90's If this is a risk that the
business owners are willing to accept then there is nothing this list is
going to gain or achieve by getting emotional about it. The best advice we
can give this person is to advise the business owners that they are in dire
need of a security overhaul and move forward. Heck I remember when port
sentry was the hot ticket. I must say thought I think Craig  in another
thread mentioned gains and losses, From a business perspective He is right
and some of you may interpret his words differently, Acceptable Risk is
another way we understand this.

Have a Happy and Prosperous 2008 all

Bill

====== HomeNet Security ===========
Bill Lavalette 
Network Security Officer
CCSA-CCSE 
Crisis Mitigator
ID Theft Prevention Mentor
WWW http://www.homenet-security.com
====================================
     Defending The Home LAN

-----Original Message-----
(Continue reading)


Gmane