One note many of you may have already known, but ignored.... MSN and Hotmail use the same servers. They are in each others pockets, as both are owned by Mssr. Gates. Hotmail is simply a 'web-mail' solution that MSN users also get access to. Hotmail addresses and vice-versa in certain circumstances. On the Good side, MSN grants the initial Password as a randomly based combination of Alphas and Numbers, and Hotmail allows the user to select their initial passwords themselves. MSN/Hotmail does, However use their 'PASSPORT' technology to allow buffered/cookied access each time you login. All it would take would be someone visiting Heidi's PC when she's out to lunch or down the hall to login when the 'cookies' are not set to expire on exit, and boom!! de John Jewkes On Wed, 19 Jun 2002 18:07:46 -0700 Crispin Cowan <crispin@private> writes: > Lyle Leavitt wrote: > > >Do we really know if this is 'real' or is forensicsbox@private a > >stolen account and the perp is trying to scam this group regarding > >Heidi's account. The last posts from Heidi appear fairly benign > while > >this post from Wendy is rather bazaar. > > > I regard Heidi's account as compromised. I got an e-mail from > mcps@private, delivered via hotmail.com, that claimed that other > posts > from mcps@private were forged. From there, it is a theorem that one > or > the other posts was a forgery. Both came via hotmail.com machines. > Therefore mcps@private has been compromised. > > Which doesn't surprise me very much. It was last year that Heidi > came to > this group, asking for advice on how to secure some kind of business > > practice, in which a core element was outsourcing all e-mail > activities > to Hotmail. Everyone here said "you must be nuts." I guess we were > right :) > > >Is this a PRS training exercise to evaluate the CRIME group's > ability > >to respond? What's the proper protocol here. It doesn't seem right > to > >immediately act on Wendy's request to block Heidi's messages. > > > I have no idea who "Wendy" is. Without some better credentials, I > wouldn't take an anonymous yahoo mail account at face value. > Blocking > seems wrong. Just be cautious of pronouncements from mcps@private, > because we already know that any of them could be forged. > > Crispin > > -- > Crispin Cowan, Ph.D. > Chief Scientist, WireX Communications, Inc. > http://wirex.com/~crispin/ > Security Hardened Linux Distribution: http://immunix.org > Available for purchase: > http://wirex.com/Products/Immunix/purchase.html > > > John Jewkes, SMD US ARMY MARS Oregon/Idaho State Director AAA0OR OR/AAA0ID ID/AAR0MI OR W6HNC ________________________________________________________________ GET INTERNET ACCESS FROM JUNO! Juno offers FREE or PREMIUM Internet access for less! Join Juno today! For your FREE software, visit: http://dl.www.juno.com/get/web/.
This archive was generated by hypermail 2b30 : Thu Jun 20 2002 - 08:23:07 PDT