From editor@telecom-digest.org Fri Oct 15 13:50:57 2004 Received: (from ptownson@localhost) by massis.lcs.mit.edu (8.11.6p3/8.11.6) id i9FHovD21101; Fri, 15 Oct 2004 13:50:57 -0400 (EDT) Date: Fri, 15 Oct 2004 13:50:57 -0400 (EDT) From: editor@telecom-digest.org Message-Id: <200410151750.i9FHovD21101@massis.lcs.mit.edu> X-Authentication-Warning: massis.lcs.mit.edu: ptownson set sender to editor@telecom-digest.org using -f To: ptownson Approved: patsnewlist Subject: TELECOM Digest V23 #490 TELECOM Digest Fri, 15 Oct 2004 13:51:00 EDT Volume 23 : Issue 490 Inside This Issue: Editor: Patrick A. Townson Privacy Eroding, Bit by Byte (Lisa Minter) Netflix Stock Drops on Amazon News (Monty Solomon) FCC Approves Fiber-Optic Broadband Rules (Monty Solomon) Sinclair's Disgrace (Monty Solomon) Can't Move 800 Number to Vonage (Fred Atkinson) Voicemail woes on Panasonic TA624/TVS-50 (Mike McWhinney) Re: Law Hits Home (William Warren) Re: Last, Very Bitter, Sad Laugh! A Nice Place to Work! (Lisa Hancock) Re: Linux 9.0 and Older Toshiba Laptop (Tony P.) Re: Linux 9.0 and Older Toshiba Laptop (Allen McIntosh) Re: Linux 9.0 and Older Toshiba Laptop (John McHarry) Re: Linux 9.0 and Older Toshiba Laptop (smith@tecnet1.jcte.jcs.mil) Re: Monthly Bill Fatigue (John Mayson) Re: LNP For a Move (Tim@Backhome.org) Re: Toshiba and Ethernet Card (smith@tecnet1.jcte.jcs.mil) Re: Toshiba and Ethernet Card (David Clayton) Book Review: Network Security Assessment, Chris McNab (Rob Slade) Re: Verizon Planning 3 Million FTTH Connections (Lisa Hancock) All contents here are copyrighted by Patrick Townson and the individual writers/correspondents. Articles may be used in other journals or newsgroups, provided the writer's name and the Digest are included in the fair use quote. By using -any name or email address- included herein for -any- reason other than responding to an article herein, you agree to pay a hundred dollars to the recipients of the email. =========================== Addresses herein are not to be added to any mailing list, nor to be sold or given away without explicit written consent. Chain letters, viruses, porn, spam, and miscellaneous junk are definitely unwelcome. We must fight spam for the same reason we fight crime: not because we are naive enough to believe that we will ever stamp it out, but because we do not want the kind of world that results when no one stands against crime. Geoffrey Welsh =========================== See the bottom of this issue for subscription and archive details and the name of our lawyer; other stuff of interest. ---------------------------------------------------------------------- From: Lisa Minter Subject: Privacy Eroding, Bit by Byte Date: Fri, 15 Oct 2004 07:36:18 EDT By Robert O'Harrow Jr., Washington Post Staff Writer First there were security cameras, sprouting like mushrooms on street corners and buildings. Then came shopper cards, offering discounts in exchange for details about buying habits. In recent years, we've seen the emergence of electronic tags or "cookies" on the Internet, software that monitors e-mail, GPS devices that pinpoint our position on the planet, and a growing number of machines that capture finger- and face-prints. Now comes the news that federal regulators on Wednesday approved the injection of microchips under the skin, enabling physicians with the right gear to know who someone is without having to ask. And yesterday, the omniscient-seeming search engine Google bested itself by announcing a service to probe for information both online and in your own machine. One company official called it a "photographic memory for your computer." Google says no personal information will be sent back to the company. But if it feels like you can't do anything these days without someone looking over your shoulder, you're not just paranoid. Cheap computers, blazing fast networks and clever engineers are finding more and more ways to keep tabs on where you go and what you buy, generally with your permission. They're even getting better at guessing what you'll do next. "It's this whole new world. It's sort of like all these little details about our lives are being recorded," said Richard M. Smith, an Internet security consultant in Boston. "We love the conveniences. We love the services. But people kind of instinctively know there's a dark side to this. They just hope it won't happen to them." To be sure, companies have long gathered personal and shopping information to better market to customers, often with dubious results. Who hasn't received junk mail or telemarketing calls that seem to have no connection with their lives? But those initiatives are fast improving and accelerating as people live more of their lives tethered to cell phones, the Internet and the rest of the wired world, where trading off personal information is part of the price of admission. Think about a typical day. An advertising service is notified when you check the sports scores on the Web. The EZ-Pass transponder signals when you go through a toll booth. The pharmacy collects personal medication details and sends them along to data companies for analysis. At work, some employees now use face recognition systems to get in to their offices, or they type on machines that trace every keystroke. "Every move you make is becoming part of your permanent record," said Peter P. Swire, a privacy expert and law professor at Ohio State University. "The trend is smaller, faster, cheaper." There's no question the data are accumulating, and faster than many people understand. A few years ago, researchers at the University of California at Berkeley estimated that all the information created by humanity by 1999 would double by about now. One of the leading aggregators of personal information, an Arkansas company called Acxiom Corp., has roughly a million times more information about adult Americans and their families than when it first sold stock two decades ago. Other commercial information services routinely tout their ability to access some 20 billion records. And that's not counting the digital details that come in the form of photographs, videotapes and sensor readings. Most people know companies can mine credit card data, loan records and other transactions. But few know that companies already offer video-mining services as well. One day we might be able to mine the information generated by radio frequency identification chip implanted in our arms. Or we might just use a Google search service custom-made for RFID, as the chips are known. Not everybody is vexed by these trends. Homeland security, law enforcement and intelligence officials are rushing to take advantage of this wealth of information to protect the country. Web sites like Amazon.com, cell phone services, catalogue retailers, financial services companies and many others are increasingly adept at using data systems to serve customers. Ask people whether they'd give up those services, and many would offer a resounding "no." David Brin, an author and futurist, believes that recent technological developments have revolutionized the ability of people to see -- through cameras around the globe -- and remember details through almost unimaginably rich warehouses of information that serve as proxies for our limited memories. He predicts that we will one day be able to "know" almost everybody in the world through instant access to personal information in ubiquitous data systems. He refers to this as the new "village." "You'll 'recognize' people on any street on Earth," he said, adding that young people who are better at using computer technology, and more comfortable with it, will be leading the way. "That part is inevitable. The village is returning." But even Brin's optimism, spelled out in his book, "The Transparent Society," has its limits. He worries that so much telling information could be misused by bad people or misguided government leaders. "It's wonderful stuff, but there are horrible possible consequences. We're all deeply worried that the future awaits us with Orwell's iron boot." "It's important," Brin said, "to remain calm." *** FAIR USE NOTICE. This message contains copyrighted material the use of which has not been specifically authorized by the copyright owner. This Internet discussion group is making it available without profit to group members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of literary, educational, political, and economic issues, for non-profit research and educational purposes only. I believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner, in this instance, Washington Post. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml ------------------------------ Date: Fri, 15 Oct 2004 03:38:24 -0400 From: Monty Solomon Subject: Netflix Stock Drops on Amazon News LOS GATOS, Calif. (AP) -- Shares of mail-order DVD rental company Netflix Inc. plunged Thursday after it warned that it was slashing its subscription price in anticipation of Amazon.com Inc. entering an already crowded market. In after-hours trading, Netflix share price fell more than 35 percent, or $6.18, even after it announced it had posted its most profitable quarter. The company's stock traded up 8 cents a share at $17.43 Thursday on the Nasdaq Stock Market. "We recently learned from several sources that Amazon is likely to enter our market soon," Netflix chief executive Reed Hastings said during a conference call with analysts. Hastings didn't specify who the sources were. Netflix also announced it was cutting its monthly fee from $22 a month to $18. The company had earlier this year raised its fees from $20 to $22. - http://finance.lycos.com/home/news/story.asp?story=44285463 ------------------------------ Date: Fri, 15 Oct 2004 03:39:47 -0400 From: Monty Solomon Subject: FCC Approves Fiber-Optic Broadband Rules By JENNIFER C. KERR Associated Press Writer WASHINGTON (AP) -- Federal regulators approved new rules Thursday aimed at making high-speed Internet available to more Americans. Critics contended the action will hinder competition in broadband services and keep prices high. The proposal lets the major regional phone companies build fiber-optic networks to within 500 feet of a customer's home without requiring the companies to share their networks with competitors. Currently, the former Baby Bell companies do not have to lease their networks for fiber that is installed directly to the home. The new rule extends that regulation to within 500 feet of a residence. BellSouth requested the change so it could build networks to just outside a customer's home and reach more homes at once, rather than having to lay down fiber to each household. In a statement, the company said the decision would bring broadband service to more consumers, more quickly. Three members of the Federal Communications Commission approved the plan in whole, while a fourth agreed to some parts and objected to others. Commissioner Michael Copps, a Democrat, voted against the rules. - http://finance.lycos.com/home/news/story.asp?story=44285047 ------------------------------ Date: Fri, 15 Oct 2004 03:57:46 -0400 From: Monty Solomon Subject: Sinclair's Disgrace The right-wing network's decision to force its affiliates to air anti-Kerry propaganda is one of the lowest moments in the history of television news, says the former head of the FCC. And it may unleash a backlash. By Eric Boehlert Oct. 14, 2004 | "We do not believe political statements should be disguised as news content." Policy statement, Sinclair Broadcasting, April 2004. Kerry campaign officials aren't the only ones outraged over Sinclair Broadcasting's order to its 62 television stations nationwide to preempt regular programming days before votes are cast Nov. 2 to air "Stolen Honor," a highly charged documentary critical of Sen. John Kerry. The move breaks with a long-standing tradition among broadcasters of covering presidential campaigns as part of their obligation to serve the public interest, and to do so with at least a patina of honesty. Sinclair's unprecedented move once again raises questions about the effects of rampant media consolidation, the deregulation that allows a small number of large conglomerates to own so many outlets, let alone use them to advance an obvious political agenda. The controversy over "Stolen Honor" has also thrust little-known Sinclair before the klieg lights, drawing attention to its news department, whose public spokesman has no experience whatsoever in journalism. And it reveals a publicly held corporation, operating on the public airwaves, run by a hypocritical chief executive, preaching conservatives values by which he himself has been unable to live. http://salon.com/news/feature/2004/10/14/sinclair/ ------------------------------ From: Fred Atkinson Subject: Can't Move 800 Number to Vonage Date: Fri, 15 Oct 2004 08:19:54 -0400 Greetings, A couple of months back, I called Vonage and spoke to their number portability group. I was a bit surprised at the result. I have a personal 800 number translated to my home telephone number (not through Vonage). I wanted to get it rerouted to Vonage and my Vonage telephone. Their portability group said that they could not do that. They would gladly provide me with a toll-free number and tranlate it to my telephone, but they would not take an existing personal toll-free number and have it pointed to Vonage. I tried to get them to explain the reason they won't do this (when they will get an existing number pointed at them). But, I am still very much in the dark about it. Does anyone have any feedback about this? Fred [TELECOM Digest Editor's Note: Who is the present owner of your 800 number? I know you are the end-user of it, but who is the *owner*? You said it is 'currently translated to ring your home number' but you want it to ring your Vonage number. Why don't you contact the *owner* of the 800 number -- the company to whom you pay the bill each month -- and get *them* to route it to your Vonage number. You said it was translated to wherever ... just tell that company your new home number is (Vonage number). 800 numbers do not work the same as regular numbers in this regard. Vonage 800 numbers offer you one hundred minutes per month as part of the $4.99 monthly fee to have one. Then additional (Vonage 800) minutes are four or five cents each. If based on your usage, that is a better deal than you currently have, then take the Vonage number instead. If your present deal is better for you, based on your useage, or it is some vanity number you wish to keep, then tell your comapny -- the *owners* -- to handle the translation for you to your new Vonage location. PAT] ------------------------------ From: eljainc@ameritech.net (Mike McWhinney) Subject: Voicemail Woes on Panasonic TA624/TVS-50 Date: 15 Oct 2004 05:43:09 -0700 Organization: http://groups.google.com Hello, I have been having problems set up just *basic* voicemail on the Panasonic hybrid TA624 telephone system with the TVS-50 VPS. There is a settting in program #411 to set the time delay for the voicemail to answer if the call is not picked up. Regardless of whether I put 5 sec, 10 sec or 15 sec it picks up after 2 rings. The manual says the delay can be set by a number of rings, but I do not see this option anywhere. I have VPS1 and VPS2 connected to Jack 15 and Jack 16 and have program #131 to map to those ports on the VPS. Does anybody know how to post to comp.dcom.panasonic? It seems to be a defunct group or at least no longer archived. Thanks in advance, Mike ------------------------------ Subject: Re: Law Hits Home From: William Warren Organization: Comcast Online Date: Fri, 15 Oct 2004 01:10:57 GMT On Wed, 13 Oct 2004 14:46:10 GMT, GL Fowler wrote: > If I send a postcard to my Aunt in Texas should I have an expectation > that the postman won't read the card? No more or less than if you put a digital version of the card on your website and disclosed the URL only to your Aunt: both are intended to be viewed by uninterested parties and their content will usually reflect that. Mail, of course, is different than a website: even if (as used to be posible in the U.S.) you don't seal the envelope so as to get a lower postal rate, it's very difficult for your cousins to read it unless your Aunt shows it to them, and it's very difficult for anyone not involved in the transfer to read it enroute. We trust the technicians at our ISPs not to read our emails in the same way we trust the Postal Carrier not to open our letters, even though both can violate that trust easily and without leaving a trace. Short of having a signet ring made and buying some sealing wax, there's little that we can do to prevent unwanted examination of snail mail: it's even appropriate sometimes, since it's necessary to prevent the mails being used to send improper material. In like manner, it's necessary for an ISP to look at emails when they've been misrouted, or when they might contain a virus, or simply to resolve formatting problems when converting between two code sets or different languages. In both cases, we trust that the professionals we've hired will respect our privacy. Since some ISPs don't subscribe to this "social contract", I use encryption where appropriate. FWIW. YMMV. William (Filter noise from my address for direct replies.) Using Opera's revolutionary e-mail client: http://www.opera.com/m2/ ------------------------------ From: hancock4@bbs.cpcn.com (Jeff nor Lisa) Subject: Re: Last, Very Bitter, Sad Laugh! A Nice Place to Work! Date: 14 Oct 2004 19:03:17 -0700 Organization: http://groups.google.com Patrick Townson wrote > Audit: TSA Spent Lavishly on Awards Ceremony > WASHINGTON - The government agency in charge of airport security spent > nearly a half-million dollars on an awards ceremony at a lavish hotel, [snip] I'm glad you posted this. For some reason Amtrak, which takes up a miniscule part of the Federal budget (1% of DOT, let alone the whole fed), seems to be the target of deficit haters and the "reform govt" movements. Yet, they ignore abuses like the aviation industry. Both sides of the political aisle have their pet projects and their pet dislikes. Amtrak happens to fall through the cracks. IMHO, solid funding of Amtrak would take some of the overcrowding off highways and airports (on short haul routes, obviously) saving the taxpayer money. ------------------------------ From: Tony P. Subject: Re: Linux 9.0 and Older Toshiba Laptop Organization: ATCC Date: Thu, 14 Oct 2004 22:10:51 GMT In article , ptownson@telecom- digest.org says: > I've a Toshiba Satellite 220 CDS laptop here, from 1995-96. On booting > it, I am told it has 32,512 KB memory. The hard drive is 1.34 GB and > it runs at 123 megs. It has a single internal slot on the side which > can be used either for a floppy drive or a CD Rom. I have both of them. > It has a USB connection, places for a parallel port and a serial port. > It has two slots for PCMCIA cards. My question is, if I install Linux > 9.0 on this machine, will it work, and how well? I know it *barely* > handles Win 98. It was originally an OEM Win 95 machine. Thanks for > your comments. > PAT RH9.0 should run ok on it. Hell, Linux will run ok on a 486 for that matter. ------------------------------ Date: Thu, 14 Oct 2004 22:30:47 -0400 From: Allen McIntosh Subject: Re: Linux 9.0 and Older Toshiba Laptop At a guess, it would be a dog. RH 7.3 might be a better choice. This sort of thing comes up from time to time in various Linux newsgroups, especially comp.os.linux.portable. Try using google. ------------------------------ From: John McHarry Subject: Re: Linux 9.0 and Older Toshiba Laptop Date: Fri, 15 Oct 2004 02:55:32 GMT Organization: EarthLink Inc. -- http://www.EarthLink.net Patrick Townson wrote: > I've a Toshiba Satellite 220 CDS laptop here, from 1995-96. On booting > it, I am told it has 32,512 KB memory. The hard drive is 1.34 GB and > it runs at 123 megs. It has a single internal slot on the side which > can be used either for a floppy drive or a CD Rom. I have both of them. > It has a USB connection, places for a parallel port and a serial port. > It has two slots for PCMCIA cards. My question is, if I install Linux > 9.0 on this machine, will it work, and how well? I know it *barely* > handles Win 98. It was originally an OEM Win 95 machine. Thanks for > your comments. > PAT Burn a copy of Knoppix and see if you can boot to that. If so, you are probably OK. You should probably use a more recent version of Fedora. RedHat 9.0 is obsolete. Also Google your specific machine and Linux. Many laptops have odd behavior. [TELECOM Digest Editor's Note: Actually, what I have here now is a three CD set (from Cheap Bytes in Lodi, CA) of Mandrake Linux 9.2. I may risk formatting the hard drive still again, and trying to install the Mandrake 9.2 ... but it sounds a little scary to me. I had a Knoppix CD around here somewhere but cannot find it at present. PAT] ------------------------------ Date: Fri, 15 Oct 04 09:46:25 EDT From: smith@tecnet1.jcte.jcs.mil Subject: Re: Linux 9.0 and Older Toshiba Laptop You're biggest problem is memory. Can you add any? Hardware requirements SUSE LINUX Desktop is suitable for all common PC hardware. The following requirements should be met to ensure a smooth operation: Processor: * Intel: Celeron, Pentium. to Pentium. 4, Xeon. * AMD: K6/II/III, Duron(tm), Athlon(tm), Athlon(tm) XP/MP * IBM * 286, 386, 486 and Cyrix processors are not supported Main memory: * At least 64 MB are required for the installation with YaST2 in graphical mode; 128 MB or more recommended Hard disk * up to more than 3 GB (Personal Edition)for the installation of all packages; 2 GB or more recommended * LBA48 hard disks are supported Graphics cards * SUSE LINUX Desktop comes with drivers for common cards including the following: o ATI: Radeon 9000/9500/9700 o nVidia: GeForce 4, GeForce FX o Matrox: G450/G550 ISA plug & play cards * ISA plug & play cards may have to be configured manually. [TELECOM Digest Editor's Note: Well, I dunno ... I have a vague memory of attempting to run the Knoppix CD (wherever it is) on the Toshiba a couple years ago and it only got mostly installed but then stalled on me. But I did have Win 95 on the machine at that time, which has now been removed totally (total disk format, etc). I wonder if I should do a total format once again and get Win 98 out of the way on that machine before starting, or will it all be a vain attempt and I wind up have to clean it and put Win 98 back on still another time? Advice, as always, more than welcome. PAT] ------------------------------ From: John Mayson Subject: Re: Monthly Bill Fatigue Date: Fri, 15 Oct 2004 04:14:45 GMT Organization: Road Runner High Speed Online http://www.rr.com > [TELECOM Digest Editor's Note: Isn't it funny how a short time after > we buy or otherwise obtain some new electronic toy, we discover that > it is 'indispensible' for us to be without? In talking to my mother > one hot day this past summer, I asked her, "how did you survive all > during the 1930's (when she was growing up) without any air conditioning > in your home?" Her response was, "well, we suffered but somehow survived. > How did *you* (meaning me) get along in the 1970's without a computer, > let alone five or six or them?" I dunno what I did ... now these days, I have very vivid dreams. I've had several lately where I've back in time and I'm anywhere between 8 and 13. I have all of the knowledge I have today. I go to my bedroom and realize a) I have no computer and b) even if I did, there's no Internet. I sit there and wonder just WTH I *did* as a kid. John Mayson Austin, Texas, USA ------------------------------ From: Tim@Backhome.org Subject: Re: LNP For a Move Date: Fri, 15 Oct 2004 08:28:21 -0700 Organization: Cox Communications Tony P. wrote: > FX is still used when you cross rate centers. But then unlimited > packages have pretty much killed that too. Not to mention VoIP virtual numbers. My Vonage termination is in Southern California and my primary number is in Cleveland, Ohio. Think what that would have cost back in "the good old days" when Ma Bell had whips and chains. Then, I can take my adapter and plug into broadband in Hong Kong. Even Ma Bell didn't offer Cleveland FX to Hong Kong. [TELECOM Digest Editor's Note: I think this all depended on who Ma Bell's customer was ... when I worked at Standard Oil in 1970-75 Standard (or actually Amoco) had two 'tie-lines' of interest from their centrex switchboard system: In addition to a gazillion WATS lines and tie lines (reached by dialing a three digit code for starters) they had a tie line to an office in Kuwait and an office in London. If you dialed some three digit code (from our office in Chicago) you got dialtone from the office in London or Kuwait, whereupon you would dial the local extensions in those offices. Of course in those days, Amoco/Standard Oil was the third largest customer of Illinois Bell with a phone bill of about one million dollars per *month* on a 150 page phone bill delivered by Federal Express. (First and second largest customers, respectively were City of Chicago (1) and University of Chicago (2). PAT] ------------------------------ Date: Thu, 14 Oct 04 17:01:52 EDT From: smith@tecnet1.jcte.jcs.mil Subject: Re: Toshiba and 3-COM Ethernet Card Did you upgrade to a Win 98 driver for the PCMCIA card? Some Win 95 drivers don't work because they depend on Win 95 standard files to be there. There should still be Win 98 drivers on the 3com site. Mark [TELECOM Digest Editor's Note: All I found on the 3-COM site (but I was not really looking) was the driver for the C574-TX which was in the form c574.tx.exe and it was a DOS file. What should I have looked for? By the way, this is the same Toshiba Satellite 220-CDS laptop computer discussed earlier. PAT] ------------------------------ From: David Clayton Subject: Re: Toshiba and 3-COM Ethernet Card Date: Fri, 15 Oct 2004 07:55:45 +1000 TELECOM Digest Editor contributed the following: > Anyone know why the ethernet card can see the network okay, but the > computer cannot see the ethernet card? (Well, it apparently can see > the card, it toots when the card goes in or out, etc.) I will > appreciate any answers. I seem to remember that there were two "modes" for the PCMCIA controller in the PC, one an older mode and a newer one that didn't work with some older PCMCIA cards (PCMCIA vs "Cardbus" mode maybe, I can't really recall ...) I cannot remember exactly where you changed it -- I think in BIOS when the laptop starts up -- but it may be worth having a look for this sort of thing somewhere. Regards, David Clayton, e-mail: dcstar@XYZ.myrealbox.com Melbourne, Victoria, Australia. (Remove the "XYZ." to reply) Dilbert's words of wisdom #18: Never argue with an idiot. They drag you down to their level then beat you with experience. [TELECOM Digest Editor's Note: In the BIOS set up on the Toshiba CDS-220 there is a toggle for 'PC Card Controller Mode' and the two choices given are 'Card Bus/16-Bit' and 'PCIC Compatible'. Which would you have me use? I am reasonably certain the 3-COM card is a 16 bit card; at least it does not say '32-bit' on it as my other 3-COM card (a model C575-TX) says on it. The C575-TX card does not respond at all in the Toshiba; at least the 574 card did when I was running Win 95 on that machine. Worked fine under Win 95, but admittedly it did not work at first there either until an experienced person helped me with it, but then the green light came on and all was well. Now the green light still comes on (with Win 98) when I plug in the eithernet cable, the machine still toots at me when the card is (un)plugged in or out, but no data goes anywhere. I got the 574 driver from the 3-COM site on another machine, put it on a floppy, then installed the floppy in the Toshiba. When I installed the driver I told Win 98 I had the disk, and directed its attention to 'A', where it loaded up just fine. At least when I installed it, when finished the computer tooted and the green light came on. Properties has no yellow exclamations or red X marks. What is still going wrong? PAT] ------------------------------ From: Rob Slade Organization: Vancouver Institute for Research into User Subject: Book Review: Network Security Assessment, Chris McNab Date: Fri, 15 Oct 2004 10:14:31 -0800 Reply-To: rslade@sprint.ca BKNTSCAS.RVW 20040511 "Network Security Assessment", Chris McNab, 2004, 0-596-00611-X, U$39.95/C$57.95 %A Chris McNab chris.mcnab@trustmatta.com %C 103 Morris Street, Suite A, Sebastopol, CA 95472 %D 2004 %G 0-596-00611-X %I O'Reilly & Associates, Inc. %O U$39.95/C$57.95 707-829-0515 fax: 707-829-0104 nuts@ora.com %O http://www.amazon.com/exec/obidos/ASIN/059600611X/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/059600611X/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/059600611X/robsladesin03-20 %P 507 p. %T "Network Security Assessment" In general, "learn to hack in order to secure" books provide very little useful material for helping security administrators to protect their systems. McNab's work is somewhat different: his descriptions (though not perfect) have a conceptual component, and the details often use accessible system tools, rather than relying on blackhat tools (of unknown reliability) or an extensive range of commercial utilities. Chapter one defines network security assessment somewhere between vulnerability scanning and penetration testing, and outlines the general campaign. A list of scanning tools, with very terse descriptions, is in chapter two. The querying of public information, using search engines and network information centres, is in chapter three. Chapter four provides details on IP network scanning, although the explanations are not always clear, seemingly missing particulars or skipping steps. This lack of description is even more evident in the material on remote information services (DNS - Domain Name Services, SNMP - Simple Network Management Protocol, LDAP - Lightweight Directory Access Protocol, and the like) in chapter five. Chapter six provides content on obtaining information about a number of Web utilities, products, and services, and lists a number of specific exploits. Chapter seven gives advice on identifying and exploiting specific terminal and terminal-like remote services. ftp and database exploits are listed in chapter eight. Chapter nine describes some tools for assessing and exploiting network (and particularly SMB (Server Message Block) services in Windows NT and 2000. Gathering information from SMTP (Simple Mail Transfer Protocol) is described in chapter ten, as well as a way to code MIME (Multipurpose Internet Mail Extensions) fields in order to defeat virus scanning on email. The exploits for VPN (Virtual Private Network) products, in chapter eleven are product specific and unstructured. Chapter twelve lists certain UNIX RPC (Remote Procedure Call) bugs. The explanation of general overflow and overwriting attacks in chapter thirteen provides thorough descriptions, but relies unnecessarily on coded C language references rather than broader explanations, reducing the conceptual clarity. Chapter fourteen reviews a combination of some of the techniques listed earlier in the book as an integrated attack example. The material could be helpful to security instructors, and fascinating for those interested in the topic, but may not be presented in a manner useful to network security administrators as direction for protection of their resources. The book is demanding of the reader, but it does do a better job than most of demonstrating the value of knowing how to find weaknesses in order to build defence. copyright Robert M. Slade, 2004 BKNTSCAS.RVW 20040511 ====================== (quote inserted randomly by Pegasus Mailer) rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu The Internet may promise to improve the way we educate and learn, but so did early television. TV technology has instead reduced our attention spans, reduced intellectual conversations to sound bits, and left us with the impression that in order to be informed, we must first be entertained. - Lew Platt, of HP http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade ------------------------------ From: hancock4@bbs.cpcn.com (Jeff nor Lisa) Subject: Re: Verizon Planning 3-Million FTTH Cnnections (Fiber to the Home) Date: 15 Oct 2004 10:31:45 -0700 Organization: http://groups.google.com The Old Bear wrote: > In a pitch to spruce up its image and retain customers, Verizon > Communications and other Bell companies are going door-to-door, > offering to replace customers' old copper wire with high-speed > fiber optic lines capable of handling not only phone calls but > TV programming and Internet connections at six times the speed > of cable lines. They're installing it in my neighborhood as a pilot and I'm excited about it. I've asked but at this time they don't know what the rates and service packages will be. Only those who request it will get the fibre since the box at the house is very expensive. ------------------------------ TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of networks such as Compuserve and America On Line, Yahoo Groups, and other forums. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. TELECOM Digest is a not-for-profit, mostly non-commercial educational service offered to the Internet by Patrick Townson. All the contents of the Digest are compilation-copyrighted. You may reprint articles in some other media on an occasional basis, but please attribute my work and that of the original author. Contact information: Patrick Townson/TELECOM Digest Post Office Box 50 Independence, KS 67301 Phone: 620-402-0134 Fax 1: 775-255-9970 Fax 2: 530-309-7234 Fax 3: 208-692-5145 Email: editor@telecom-digest.org Subscribe: telecom-subscribe@telecom-digest.org Unsubscribe:telecom-unsubscribe@telecom-digest.org This Digest is the oldest continuing e-journal about telecomm- unications on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. We believe we are the oldest e-zine/mailing list on the internet in any category! URL information: http://telecom-digest.org Anonymous FTP: mirror.lcs.mit.edu/telecom-archives/archives/ (or use our mirror site: ftp.epix.net/pub/telecom-archives) Email <==> FTP: telecom-archives@telecom-digest.org Send a simple, one line note to that automated address for a help file on how to use the automatic retrieval system for archives files. You can get desired files in email. ************************************************************************* * TELECOM Digest is partially funded by a grant from * * Judith Oppenheimer, President of ICB Inc. and purveyor of accurate * * 800 & Dot Com News, Intelligence, Analysis, and Consulting. * * http://ICBTollFree.com, http://1800TheExpert.com * * Views expressed herein should not be construed as representing * * views of Judith Oppenheimer or ICB Inc. * ************************************************************************* ICB Toll Free News. Contact information is not sold, rented or leased. One click a day feeds a person a meal. Go to http://www.thehungersite.com Copyright 2004 ICB, Inc. and TELECOM Digest. All rights reserved. Our attorney is Bill Levant, of Blue Bell, PA. ************************ DIRECTORY ASSISTANCE JUST 65 CENTS ONE OR TWO INQUIRIES CHARGED TO YOUR CREDIT CARD! REAL TIME, UP TO DATE! SPONSORED BY TELECOM DIGEST AND EASY411.COM SIGN UP AT http://www.easy411.com/telecomdigest ! ************************ --------------------------------------------------------------- Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of fifty dollars per year per reader is considered appropriate. See our address above. Please make at least a single donation to cover the cost of processing your name to the mailing list. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization. End of TELECOM Digest V23 #490 ******************************