Well, here he is, the winner of last week's "Rap This Stupid MailBag Letter" contest! Pat, your AntiOnline T-Shirt is on its way...



JP,



Im a weekly reader and occasional writer to the mailbag (yep thats me
with the bios pw stuff 2 weeks ago). When Im not trying to preach the
threats of relying on lame security, Im on tour with my band.
Unfortunately, we are aren't a rap band but I turned it over to Steven
Hawkings (aka the internal voice of my mac).



Like the song says..."I cant rap so i turned it over to my mac." Maybe
it should of said "Im too cheap to buy a shirt so i tried to weasle a
free one"



A little tough to make out the words but time was short and given what
the guy/gal had to say it probably doesnt matter.



Hope you dig it.



pat



Pat's Version Of The Stupid MailBag Letter.








Hi my name is Terry Mitchell I work with the Dept of Education. I
have been asked to secure a selection of virus for testing as we
purchase/tender for a virus protection tool for the department.



In a strictly controlled environment I have already tested numerous
pieces but would welcome someone elses advice on test procedures and
what has been used in other places without the hype from dealers.



Thanks Terry Mitchell



Well, there are a lot of "Virus Test Files" out there, try using one of them. Basically, they are non-malicious files that contain the signatures of all known viruses without having to risk infecting yourself with the real things. Here's one site that's full of these files.








Hello,



I've got some questions:



Our logfile (on Windows NT 4.0) shows following entries:



208.201.252.197, -, 21.11.00, 23:30:08, W3SVC2, SGSNT, 194.42.176.154, 411,
17, 465, 200, 64, GET, /home.htm, -,

208.201.252.197, -, 21.11.00, 23:30:08, W3SVC2, SGSNT, 194.42.176.154, 131,
66, 702, 404, 123, GET, /THIS_IS_JUST_A_FREE_AUDIT_BY_*WWW.ANTIONLINE.COM*,
-,

208.201.252.197, -, 21.11.00, 23:30:09, W3SVC2, SGSNT, 194.42.176.154, 91,
69, 702, 404, 3, GET, /scripts/../../winnt/system32/cmd.exe, /c+dir+c:\,

208.201.252.197, -, 21.11.00, 23:30:23, W3SVC2, SGSNT, 194.42.176.154,
13249, 52, 702, 404, 0, GET, /msadc/Samples/SELECTOR/showcode.asp, -,

208.201.252.197, -, 21.11.00, 23:30:23, W3SVC2, SGSNT, 194.42.176.154, 190,
33, 163, 200, 0, GET, /msadc/msadcs.dll,hr=80070057,CSoapStub::HttpExtensionProc,,



Does it mean, that you've scanned our site without our authorization?

What happens on our server?

Why did you do this?

Who has said to do so?

Where have you sent the generated report?

How is this possible?



Mit freundlichen GrĂ¼ssen /best regards from germany

Guntner Robert, SGS GmbH



Yes, the kiddies are still using that uberscanner that someone made. I really do appreciate the fact that they included our address like that. I've been getting all sorts of fun e-mails.








Hi guys



i have installed recently a RADIUS client/server authentification solution for
my company. I noticed that it produces a log file for every user connection,
wich list clearly the USERNAMES and the passwords, but in an encrypted form.



So, i wanna know if it would be possible for a hacker to crack these passwords
if he gets the log file?? and wich kind of algorithm is used to
encrypt them??



thx a lot.



Jerry Stevens.

New Age Communications.



Well, that really depends on which radius server you installed? RADIUS is an application layer protocol, not a specific program. It stands for "Remote Authentication Dial-In User Service". Here's a whitepaper from Lucent about RADIUS Authentication and Accounting for those interested. Trying to Brute Force an encrypted password file would probably be the last resort an intruder would try. It would be a lot easier for him/her to "convince" one of your employees to "give them" their password. Has your company had any security awareness training recently?








I would like a new laptop for christmas



jim koth



Um, OK.








I am very concerned about DIRT.



After Waco and Ruby Ridge, and multiple other documented abuses of our rights by Law Enforcement, I no longer trust them. The cops or the crooks? Which is worse? A gang of crackheads kicking down your door at three AM or a state-sanctioned goon squad complete with automatic weapons, flash-bangs and ski masks?



Marc V. Ridenour



Well, don't start thinking that your the son of god reborn, don't start a radical religious cult, don't build a compound, don't start stockpiling weapons illegally, and most of all don't rape little girls. If you keep those rules in mind, you won't have to worry about being involved in a Waco-like incident. For those of you that don't know what DIRT is, you can read more about it here.