Updated: 26.11.2002; 11:42:57 Uhr.
disLEXia
lies, laws, legal research, crime and the internet
        

Friday, November 15, 2002

Translating Newsitems

German language content in disLEXia now has a "Translate" link which should take you to a machine translation of the item.
23:57 # G!

FSB accused of attacks on US-based web sites

Russian security service FSB has been accused of launching denial-of-service attacks on two US-based web sites that publish Chechen separatist news. One of the sites has had its domain name frozen by Verisign, following an apparent fraudulent attempt to hijack its registration. Yesterday the Russian government amended its media laws to prohibit coverage of terrorist actions, including those of Chechen rebels.

The two sites, www.kavkaz.org and www.chechenpress.com, collapsed under a... [zem]
17:17 # G!

Urheberrechtsnovelle entzweit den Bundestag

Die Bundestagsfraktionen sind sich in wesentlichen Punkten uneins über die auch bei Verbänden und Verbrauchern heftig umstrittene Urheberrechtsnovelle. [heise]
15:10 # G! Translate

Alien Autopsy: Reverse Engineering Win32 Trojans on Linux

[LinuxSecurity.com]
14:08 # G!

Dot-Mil Hacker's Download Mistake

When Gary McKinnon -- the British hacker accused of infiltrating U.S. military computers -- downloaded a commercial remote-access program and used it to avoid detection, he may have led investigators right to his door. By Brian McWilliams. [Wired News]
13:51 # G!

Unix auditor's practical handbook

[Kill-HUP.com]
12:32 # G!

Redacting electronic Documents

Beware of MS Word documents! [law.com via Ernie the Attorney]
11:55 # G!

Popular packet sniffing packages (libpcap) contaminated by Trojan

Users are warned to be vigilant after trojanised versions of popular packet sniffing packages were posted on well known download sites.

A detailed alert from members of the Houston Linux users group warns that trojanised versions of Libpcap, used as a packet sniffing library in programs like Snort (the open source IDS package), and Tcpdump have been posted on Tcpdump.org. These contaminated packages have also found their way onto many mirror sites, such as Wiretapped.net . The trojan contains modifications to the configure script for both packages. It also alters gencode.c in libpcap only.

The backdoor component of the trojan tries to connect to a specific host (mars.raketti.net), and as such fail to open compromised systems to world+dog.

Posting version of popular applications contaminated with trojan code has become a popular tactic among denizens in the digital underground. In October a trojanised version of Sendmail was found circulating the Internet. Experts later noted the marked similarities between this trojan to a backdoor planted in OpenSSH in late July. ® [The Register - Security]
11:27 # G!

Judge rules cops' hacker went too far

A federal judge has ruled that law enforcement officials went too far when they tried to use evidence gathered by a known hacker to convict someone of possessing child pornography. The decision, handed down earlier this month, is believed to be the first to say that hacking into an Internet-connected home PC without a warrant violates the Fourth Amendment, which prohibits unreasonable searches and seizures.

"This makes it clear that law enforcement needs a search warrant to do this," said Orin Kerr, an associate professor at George Washington University Law School. Kerr said the ruling was the first of its kind.

The Virginia judge suppressed evidence of child porn possession after the defendant's lawyers argued the evidence had been illegally obtained by a hacker whose methods had received approval from law enforcement officials.

The decision came out of a case in which a hacker uploaded a file to a child porn newsgroup that made it possible to track who downloaded files from the service. The uploaded file contained the SubSeven virus, which the hacker used to remotely search people's computers for porn.

The hacker then played the role of a cybervigilante, sending anonymous tips to law enforcement officials alerting them to child porn files the hacker had found on people's PCs. [LinuxSecurity.com]

See also Orin Kerr's fine comentary on his Computer Crime Case Updates Mailinglist, news.com and lawmeme.
10:27 # G!

DNS spoofing in China

DynaWeb reports On Sept. 28th, reports came from China that visits to dissident websitess were being redirected to different IPs. Analysis shows that this is an unprecedented large-scale domain name hi-jacking in China achieved through DNS record spoofing. This effort is the result of an escalated level of Internet censorship in China.

Real Time Testing of Domain Name Resolution in China http://www.dit-inc.us/dns/dns_test.htm

[The Hacktivist]
2:10 # G!


Maximillian Dornseif, 2002.
 
November 2002
Sun Mon Tue Wed Thu Fri Sat
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
Oct   Dec

Search


Subsections of this WebLog


Subscribe to "disLEXia" in Radio UserLand.

Click to see the XML version of this web page.

Click here to send an email to the editor of this weblog.