From editor@telecom-digest.org Tue Aug 3 15:02:49 2004 Received: (from ptownson@localhost) by massis.lcs.mit.edu (8.11.6p3/8.11.3) id i73J2nX10237; Tue, 3 Aug 2004 15:02:49 -0400 (EDT) Date: Tue, 3 Aug 2004 15:02:49 -0400 (EDT) From: editor@telecom-digest.org Message-Id: <200408031902.i73J2nX10237@massis.lcs.mit.edu> X-Authentication-Warning: massis.lcs.mit.edu: ptownson set sender to editor@telecom-digest.org using -f To: ptownson Approved: patsnewlist Subject: TELECOM Digest V23 #362 TELECOM Digest Tue, 3 Aug 2004 15:03:00 EDT Volume 23 : Issue 362 Inside This Issue: Editor: Patrick A. Townson Book Review: "Know Your Enemy", Honeynet Project (Rob Slade) Opportunity to Become an Embedded Professional (Sagar Singh) Re: POTS' Dirty Little Secret (Frank@Nospam.com) Re: History of TV (was Bare-Bones DNC Coverage) (Joseph) Computer Programmers in Telecom (Sumit Chawla) Share Day for August, 2004 (TELECOM Digest Editor) All contents here are copyrighted by Patrick Townson and the individual writers/correspondents. Articles may be used in other journals or newsgroups, provided the writer's name and the Digest are included in the fair use quote. By using -any name or email address- included herein for -any- reason other than responding to an article herein, you agree to pay a hundred dollars to the recipients of the email. =========================== Addresses herein are not to be added to any mailing list, nor to be sold or given away without explicit written consent. Chain letters, viruses, porn, spam, and miscellaneous junk are definitely unwelcome. We must fight spam for the same reason we fight crime: not because we are naive enough to believe that we will ever stamp it out, but because we do not want the kind of world that results when no one stands against crime. Geoffrey Welsh =========================== See the bottom of this issue for subscription and archive details and the name of our lawyer; other stuff of interest. ---------------------------------------------------------------------- From: Rob Slade Organization: Vancouver Institute for Research into User Date: Tue, 3 Aug 2004 07:59:29 -0800 Subject: Book Review: "Know Your Enemy", Honeynet Project BKKNYREN.RVW 20040618 "Know Your Enemy", Honeynet Project, 2004, 0-321-16646-9, U$49.99/C$71.99 %A Honeynet Project project@honeynet.org www.honeynet.orb/book/ %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8 %D 2002 %G 0-321-16646-9 %I Addison-Wesley Publishing Co. %O U$49.99/C$71.99 416-447-5101 fax: 416-443-0948 %O http://www.amazon.com/exec/obidos/ASIN/0321166469/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0321166469/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0321166469/robsladesin03-20 %P 768 p. + CD-ROM %T "Know Your Enemy, Second Edition: Learning About Security Threats" The first edition of "Know Your Enemy" was a lot of fun, and it also contained some valuable advice if you were brand new to the idea of a honeypot, and wanted to get started quickly. This second edition has taken advantage of another couple of years in the development of honeypots and honeynets, and provides guidance on a new generation of the technology. More than that, it promises, and mostly provides, more detailed information on the analytical aspects of honeynet operation, including the all-too-often neglected topic of network forensics. The page count has more than doubled. I have frequently said that any book with "hack," or any variant thereof, in the title is automatically suspect. This work helps prove my point, first, because the Honeynet Project members have not used the term (they refer to attackers as blackhats), and the text also notes the problems with "exploit" type books: they list old and known attacks, most of which are protected against, and say nothing about the attackers and how they work. Part one describes the honeynet. Chapter one points out the value of "knowing the enemy" and the history of the Honeynet Project. Chapter two explains what a honeypot is, leading to details on how a honeynet works, in terms of architecture, policies, and the risks and responsibilities of operating one, in chapter three. Building a first generation honeynet, in chapter four, presents specific details, although a number of concepts have already been given. The lessons from the early years of the project have led to a second generation of design, which is outlined in chapter five. Using a single machine to create a virtual network of simulated machines is described in chapter six. Chapter seven extends all of this into distributed networks of machines. A number of legal issues are discussed in chapter eight: specific citations are primarily from US laws, but general concepts are also examined. Part two concerns the analysis of data collected from the Honeynet. Chapter nine looks at the various sources of evidence. Network forensic ideas and tools are reviewed in chapter ten, although the material does tend to jump abruptly from Networking 101 to an assumption that the reader can parse Snort captures. Fundamentals of the data recovery aspects of computer forensics are given in chapter eleven, leading to the specifics of UNIX recovery in chapter twelve, and Windows in thirteen. (These chapters contain details of up to date tools not available in most of the standard computer forensic texts.) I was delighted to see that chapter fourteen addresses reverse engineering, although only in a limited subset of the full range of software forensics. Chapter fifteen reiterates the sources from chapter nine, and suggests centralized collection and management of data. Part three explains what the project has determined about "the enemy" by the types of attacks that have been launched and detected. Chapter sixteen takes a random crack at several topics related to the blackhat community: a number of points are interesting, but few are very helpful. A general overview of attacks in given in chapter seventeen. Specific attacks, and analyses, on Windows, Linux, and Solaris are detailed in chapters eighteen to twenty. Future trends are projected in chapter twenty one. The repetition of material that plagued the first edition has been cleaned up to a great extent, although the text would still benefit from a tightening up of the material in some chapters. In addition, the early examples are not thoroughly explained, making the reader initially feel that only a firewall audit log specialist would be able to understand what is being said. However, as with the first edition, most of the book is written clearly and well, and it is certainly worth reading. In addition, the new material definitely makes this not merely an interesting read, but something that has the potential to be a serious reference in the forensic field. copyright Robert M. Slade, 2004 BKKNYREN.RVW 20040618 rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu The genius of you Americans is that you never make clear-cut stupid moves, only complicated stupid moves which make us wonder at the possibility that there may be something to them we are missing. - Gamel Abdel Nasser http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade ------------------------------ From: Sagar Singh Date: Mon, 2 Aug 2004 23:27:56 PDT Subject: [telecom-news] Opportunity to Become an Embedded Professional Reply-To: telecom-news@yahoogroups.com Embedded Systems 'The Future Lies Here' The Embedded Technology sector is currently amongst the fastest growing sectors within the IT segment, and is likely to remain for a long time to come. As a consequence, there is a rising demand in this field for Professionals who can deliver on the challenging requirements in this field. Professionals trained in embedded systems technologies happen to be a rare commodity in the recruitment marketplace. Considering the vast scope of the field, ranging from telecom to consumer electronics to aerospace, the demand for embedded systems engineers for product development and application, will continue to grow in the years to come. According to an IDC report the international market as a whole expects product development worth $75 billion, which will require as many as 150,000 trained professionals in embedded systems development by the year 2005. While India is a known player in the software services space, the image of the country has been so far as a low-cost service provider. This is where embedded software development, which requires specialised skill sets, can make the difference. It is a sector promising a fast track career, which is only for the brightest and the best. From handheld devices like personal digital assistants (PDAs) and smart cell phones, to automobiles and rocket propellers, embedded computing systems are in the heart of all. The demand for embedded systems is in fact rising in the areas of integrated embedded solutions spanning across various industry verticals. "As the world is experiencing groundbreaking research in the area of hardware technology (e.g. Nano technology and Quantum Mechanics), packing more power into a single chip will become possible in the near future. Researchers are trying to implement more than one core in a single chip. Once these kinds of chips become a reality, it will lead to further miniaturisation of the ICs. This in turn will pave the path for the development of SOC's (System on Chip)," Embedded Systems Training in Bangalore: United Technologies offers a four-month full-time course consisting of two levels and an industry relevant project work. The students of electronics and computer engineers picked out through an entrance test. The test focuses on electronics concepts and C language. It is necessary for all candidates to have good understanding of basic electronics and C programming. Career sectors for embedded systems engineers Telecom/ Mobile communications Industrial engineering Computers/ Peripherals Consumer electronics Aerospace Military Automotive/ Transportation Medical equipment Electronic equipment Fresh batch starts on 9th Aug 2004. For details contact Sanish@utltraining.com ------------------------------ From: Frank@Nospam.com Subject: Re: POTS' Dirty Little Secret Date: Tue, 03 Aug 2004 06:03:41 -0700 Organization: Cox Communications So, what do you think the traditional telcos do about VOIP? Charles B. Wilber wrote: > Even more telling and sly was the title of the posting. Calling the > opinion piece "POTS' Dirty Little Secret: Big-Time Downtime" is > apparently an effort to predispose readers to a certain point of > view. I have read many interesting posts in this forum but have > learned to treat them as opinion, never as fact, unless I can verify > them myself. That sort of "yellow journalism" is the reason why. > Charlie Wilber > Dartmouth College > --- You wrote: > In short, a handful reports in a random forum is statistically > irrelevant for downtime rates. This is not news. And VOIP went one > step further by taking the story out of context and misinterpreting it > for us. > --- end of quote --- [TELECOM Digest Editor's Note: The traditional telcos and their shills hate VOIP. Admittedly, the VOIP News 'story' had some problems with it to say the least, but Traditional Bell hardly has its hands clean, either, just a 125 year head start at going to the toilet in our drinking water. A century ago when Bell took a very agressive attitude against any new comers and 25 years ago when Bell renewed and reaffirmed its hatred, now they have started on VOIP in the same way. The original enemies in 1900 had become bosum buddies by the 1970's when they recruited them (original enemies of 1900) in a fight against the two newest interlopers, MCI and Sprint. Now, Traditional Bell, which has been there/done that, seen it all many times around, and its original enemies (the independent telephone cooperaties of the 1900's), along with its newer enemies Sprint and MCI, have chosen to gang up on Vonage and the little players on its team. The '911 angle' is just a new side to the whole thing, but will soon pass away also, just as the "our phone company won't interconnect with your phone company" argument around 1900 eventually went away, or the "get one over on Bell with our cheaper rates" argument went away a few years ago. And just as Traditional Bell always has had its cheer-leaders and cheering squad -- for it is the furthest back any of us can remember; none of us living today were around to take sides in the phone wars of the Ted Vail dynasty at AT&T -- Vonage will also have its cheer- leaders -- some would call them 'shills' as time marches on. In fifty or seventy five years from now -- let's say 2050 or 2060 -- when the latest new comers have gotten integrated into the game and thoroughly joined with the 'Traditional Bell' to fight off the interlopers of the 22nd century, what will we read in the issue of TELECOM Digest for August 3, 2075? Probably the main story that day will be how the government is trying to split up Vonage, getting them divested after they successfully bought up all the little players in the VOIP business 'back in 2040' by threatening them with refusal to connect to them if they did not go along. PAT] ------------------------------ From: Joseph Subject: Re: History of TV (was Bare-Bones DNC Coverage Draws Lower Ratings) Date: Tue, 03 Aug 2004 08:04:00 -0700 Organization: Posted via Supernews, http://www.supernews.com Reply-To: JoeOfSeattle@yahoo.com On Sat, 31 Jul 2004 05:57:47 GMT, Michael D. Sullivan wrote: > I believe PBS emerged in the late 1960s (or possibly early > 1970s), after the major educational stations, such as WNET (NY) WNET (13) was originally WNDT and is the flagship station of PBS. remove NONO from .NONOcom to reply ------------------------------ From: sumitkchawla@rediffmail.com (Sumit Chawla) Subject: Computer Programmers in Telecom Date: 3 Aug 2004 07:35:52 -0700 Organization: http://groups.google.com I'm a computer engineer. I want to pursue a career in the telecom sector. Please suggest diffrent options (programming for telecom sector) and various resources available. You can mail me direcly on sumitkchawla@rediffmail.com ------------------------------ From: TELECOM Digest Editor Subject: Share Day For August, 2004 Date: Tue, 3 Aug 2004 2:00:00 EDT During the summer months, when our readership is lower than usual and more people are on vacation and holiday breaks, contributions to the Digest run slower than at other times in the year. So I am asking if you have not made a contribution recently to please consider doing so at this time. And just a couple days ago I was approached by Google asking me to go along with their system of advertising presented based on reader's keystrokes. I think you know the routine: You enter some phrase in our search engine and Google pops back an 'appropriate' advertising message along with the answers. It was very tempting to say the least. Instead of changing the Digest over to an advertising supported forum, I have always elected to keep it as a user supported forum, and for the most part keep it spam and virus free. I am *only* able to do this because of financial support from readers here, and if you would rather not see these Google Advertising-messages every month, then please pitch in and help now and then! Consider it sort of like public radio, which goes on for days at a time trying to raise money ... and maybe I should adopt the same system. Turn over the entire Digest once or twice a year to fund raising (entire issues, etc) and stop doing it when the budget for the year has been raised. But for now, I will stick with the present system of devoting a few messages at the some time each month to raising money for the Digest publication expenses. Out of 400-500 messages per month, in a spam, virus free environment, two or three (only) devoted to fund raising. You know who you are; please provide some help here financially. You can use Pay Pal to donate with a credit/debit card by going to our web site http://telecom-digest.org and at the bottom of the home page look for the PayPal 'donate' button. Or if you prefer, send a check or money order to Patrick Townson/TELECOM, Post Office Box 50, Independence, Kansas 67301-0050. The amount you send is entirely up to you. You know best how much you can afford and whether or not this Digest has any value for you. Thank you very much. Patrick Townson, Editor/Publisher TELECOM Digest ------------------------------ TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of networks such as Compuserve and America On Line, Yahoo Groups, and other forums. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. TELECOM Digest is a not-for-profit, mostly non-commercial educational service offered to the Internet by Patrick Townson. All the contents of the Digest are compilation-copyrighted. You may reprint articles in some other media on an occasional basis, but please attribute my work and that of the original author. Contact information: Patrick Townson/TELECOM Digest Post Office Box 50 Independence, KS 67301 Phone: 620-402-0134 Fax 1: 775-255-9970 Fax 2: 530-309-7234 Fax 3: 208-692-5145 Email: editor@telecom-digest.org Subscribe: telecom-subscribe@telecom-digest.org Unsubscribe:telecom-unsubscribe@telecom-digest.org This Digest is the oldest continuing e-journal about telecomm- unications on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. We believe we are the oldest e-zine/mailing list on the internet in any category! URL information: http://telecom-digest.org Anonymous FTP: mirror.lcs.mit.edu/telecom-archives/archives/ (or use our mirror site: ftp.epix.net/pub/telecom-archives) Email <==> FTP: telecom-archives@telecom-digest.org Send a simple, one line note to that automated address for a help file on how to use the automatic retrieval system for archives files. You can get desired files in email. ************************************************************************* * TELECOM Digest is partially funded by a grant from * * Judith Oppenheimer, President of ICB Inc. and purveyor of accurate * * 800 & Dot Com News, Intelligence, Analysis, and Consulting. * * http://ICBTollFree.com, http://1800TheExpert.com * * Views expressed herein should not be construed as representing * * views of Judith Oppenheimer or ICB Inc. * ************************************************************************* ICB Toll Free News. Contact information is not sold, rented or leased. One click a day feeds a person a meal. Go to http://www.thehungersite.com Copyright 2004 ICB, Inc. and TELECOM Digest. All rights reserved. Our attorney is Bill Levant, of Blue Bell, PA. ************************ DIRECTORY ASSISTANCE JUST 65 CENTS ONE OR TWO INQUIRIES CHARGED TO YOUR CREDIT CARD! REAL TIME, UP TO DATE! SPONSORED BY TELECOM DIGEST AND EASY411.COM SIGN UP AT http://www.easy411.com/telecomdigest ! ************************ --------------------------------------------------------------- Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of fifty dollars per year per reader is considered appropriate. See our address above. Please make at least a single donation to cover the cost of processing your name to the mailing list. If you donate at least fifty dollars per year we will send you our two-CD set of the entire Telecom Archives; this is every word published in this Digest since our beginning in 1981. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization. End of TELECOM Digest V23 #362 ******************************