From: Mitch D Date: Mon Jan 3, 2005 1:06am Subject: Re: un-bug / VLF reception PS to JMA's answer: if its not tx'ing or powered,only a nljd,or physical search would find it. __________________________________ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com 10497 From: Rob Muessel Date: Mon Jan 3, 2005 9:35am Subject: RE: Sweep needed Roger- I can recommend Steve Whitehead and Lorenzo Lombard of TSCM Services in South Africa. I've known these guys for 10+ years and they will do the job quite well. Best Regards, Rob Muessel -- -- Rob Muessel, Director email: rmuessel@t... TSCM Technical Services Phone: 203-354-9040 11 Bayberry Lane Fax: 203-354-9041 Norwalk, CT 06851 www.tscmtech.com USA -----Original Message----- From: Hawkspirit [mailto:hawkspirit@e...] Sent: Sunday, January 02, 2005 10:53 PM To: TSCM-L@yahoogroups.com Subject: [TSCM-L] Sweep needed Sweep needed in South Africa. Roger Tolces Electronic Security. Co. HYPERLINK "http://www.bugsweeps.com/"www.bugsweeps.com --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.825 / Virus Database: 563 - Release Date: 12/30/2004 [Non-text portions of this message have been removed] ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS ---------------------------------------------------------------------------- -- Yahoo! Groups Links a.. To visit your group on the web, go to: http://groups.yahoo.com/group/TSCM-L/ b.. To unsubscribe from this group, send an email to: TSCM-L-unsubscribe@yahoogroups.com c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. [Non-text portions of this message have been removed] 10498 From: James M. Atkinson Date: Mon Jan 3, 2005 9:25am Subject: Re: un-bug / VLF reception At 02:06 AM 1/3/2005, Mitch D wrote: >PS to JMA's answer: >if its not tx'ing or powered,only a nljd,or physical search >would find it. TDR Analysis of the power lines would have found it, so would thermal imagery, and acoustic sounding. A magnetic analysis of the area with a gauss probe (not a metal detector) would likely have revealed it as well. -jma ---------------------------------------------------------------------------------------------------- We Expertly Hunt Real Spies, Real Eavesdroppers, and Real Wiretappers. ---------------------------------------------------------------------------------------------------- James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 Web: http://www.tscm.com/ Gloucester, MA 01931-8008 Email: mailto:jmatk@t... ---------------------------------------------------------------------------------------------------- World Class, Professional, Ethical, and Competent Bug Sweeps, and Wiretap Detection using Sophisticated Laboratory Grade Test Equipment. ---------------------------------------------------------------------------------------------------- 10499 From: DJ Date: Mon Jan 3, 2005 6:50pm Subject: Microphones Steve you could probably answer this one. In the movie Enemy of the State (steve did a great job here), I saw many microphones used at long ranges to listen into the subjects conversations. Does anyone have any whitepapers or any other information on the availability of microphones that will work at a distance of over 20 feet from the subject? Thanks, IT2 Garrett 10500 From: fjansgmxnet Date: Tue Jan 4, 2005 8:15am Subject: Re: un-bug / VLF reception > A magnetic analysis of the area with a gauss probe (not a metal detector) would likely have revealed it as well. Very interesting point. If I would use some sensitve hall sensor as a gauss probe, what will I see in what range from the UN-bug? I would expect an AC magnetic field of a few milli-gauss in a range of about 10 to 20 cm apart from this bug, if the bug is in the non transmitting / non batterie loading mode, correct? Best regards, Frank 10501 From: delta Date: Tue Jan 4, 2005 8:33am Subject: looking for a tdr hello everybody i m looking for a little tdr portable to test telephone wire here in france what kind of product can i buy ? any reference ? someone here can help me to find this product at resonnable price ? many thanks david from paris 10502 From: Larry Nevin Date: Tue Jan 4, 2005 9:27pm Subject: Re: looking for a tdr David, I have a Riser Bond TDR that is in great shape. I am no longer in the business and I have not used it in three years. The unit has all of the manuals and cables in its own plastic case. If that fits your need I will sell it at a greatly reduced price. Thanks, Larry Nevin Fire In The Hole Inc. --- delta wrote: > > hello everybody > i m looking for a little tdr portable to test telephone wire here in france > what kind of product can i buy ? any reference ? > someone here can help me to find this product at resonnable price ? > many thanks > david from paris > > > > > ===== "EXPECT MORE THAN OTHERS THINK POSSIBLE!" 10503 From: delta Date: Wed Jan 5, 2005 1:48am Subject: Re: looking for a tdr hello larry and many thanks for your answer can you tell me the model you have to sell to me ? the price of course to buy your tdr here in france ? many thanks please contact me direct with my email agenceadi@o... david from paris 10504 From: James Greenwold Date: Wed Jan 5, 2005 6:31pm Subject: Re: Digital Cell phone scanning In days of old, (the analog days) We had software running a R7000. And could find the number we were looking for and follow the tower pass as the cell taveled along. I get ask regularily about the ability to scan a cell phone. I'm ask mostly by "foil hat club" members. But real or not the question is asked. Now, almost all phones are digital. The common answer would be that a phone could be hacked and turned into a scanner for close proximaty, but I have not seen one. So I ask you guys... How easy it is to listen to cell phone conversation and what is the level of the threat? Can the estranged husband be listening to his wife? Or is the tech needed place it in the expert mode? -- Thank you for your time James Greenwold Bureau Of Technical Services 715-726-1400 bts@t... 10506 From: J. Coote Date: Wed Jan 5, 2005 9:17pm Subject: RE: looking for a tdr David, You might find a used Tektronix 1502B, 1502C, 1503B or 1503C. These will do a good job on unenergized lines. The TDRs have some front-end voltage protection, but better to be careful. Tektronics had a protector or adapter for live lines, but I don't know the model number. The 1502 series is limited to 2,000 feet I believe but has good resolution. The 1503 series go to many times that. Another name that comes to mind is Riser-Bond. They make several TDRs. The very cheap TDRs only give basics, such as distance to open or distance to short and are unsuitable for TSCM. You might also look for companies who lease or rent test equipment. Jay -----Original Message----- From: delta [mailto:agenceadi@o...] Sent: Tuesday, January 04, 2005 6:33 AM To: TSCM-L@yahoogroups.com Subject: [TSCM-L] looking for a tdr hello everybody i m looking for a little tdr portable to test telephone wire here in france what kind of product can i buy ? any reference ? someone here can help me to find this product at resonnable price ? many thanks david from paris 10507 From: Ian Wraith Date: Thu Jan 6, 2005 5:18am Subject: Re: Digital Cell phone scanning Hello James Greenwold wrote: > So I ask you guys... > How easy it is to listen to cell phone conversation and what is the level of > the threat? Can the estranged husband be listening to his wife? Or is the > tech needed place it in the expert mode? With an encrypted digital cell phone systems such as GSM the threat from monitoring comes from Government agencies and there is no risk of estranged husbands listening. There are a few sites on the internet advertising GSM monitoring equipment but usually this equipment looks very suspect. I have been told there are a few digital mobile phone systems in the US which have no encryption but even with those I have yet to see any hobbyist level equipment for monitoring. Regards Ian 10508 From: Hawkspirit Date: Thu Jan 6, 2005 10:48am Subject: Sweeps needed Home sweep needed in Naples Florida Business sweep needed in Flint, Michigan If you can handle these contact me ASAP. Roger Tolces Electronic Security Co. 760-329-4404 HYPERLINK "http://www.bugsweeps.com/"www.bugsweeps.com --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.825 / Virus Database: 563 - Release Date: 12/30/2004 [Non-text portions of this message have been removed] 10509 From: James M. Atkinson Date: Thu Jan 6, 2005 10:59am Subject: Warning: Don't brush teeth with toilet brush! http://www.msnbc.msn.com/id/6794153/ Warning: Don't brush teeth with toilet brush! Awards handed out for wackiest consumer warnings The Associated Press Updated: 10:15 a.m. ET Jan. 6, 2005 DETOIT - The sign on the toilet brush says it best: "Do not use for personal hygiene." That admonition was the winner of an anti-lawsuit group's contest for the wackiest consumer warning label of the year. The sponsor, Michigan Lawsuit Abuse Watch, says the goal is "to reveal how lawsuits, and concern about lawsuits, have created a need for common sense warnings on products." The $500 first prize went to Ed Gyetvai, of Oldcastle, Ontario, who submitted the toilet-brush label. A $250 second prize went to Matt Johnson, of Naperville, Ill., for a label on a children's scooter that said, "This product moves when used." No oral use A $100 third prize went to Ann Marie Taylor, of Camden, S.C., who submitted a warning from a digital thermometer that said, "Once used rectally, the thermometer should not be used orally." This year's contest coincides with a drive by President Bush and congressional Republicans to put caps and other limits on jury awards in liability cases. "Warning labels are a sign of our lawsuit-plagued times," said group President Robert Dorigo Jones. "From the moment we raise our head in the morning off pillows that bear those famous Do Not Remove warnings, to when we drop back in bed at night, we are overwhelmed with warnings." The leader of a group that opposes the campaign to limit lawsuits admits that while some warning labels may seem stupid, even dumb warnings can do good. "There are many cases of warning labels saving lives," said Joanne Doroshow, executive director of the Center for Justice and Democracy in New York. "It's much better to be very cautious ... than to be afraid of being made fun of by a tort reform group." The Wacky Warning Label Contest is in its eighth year. ---------------------------------------------------------------------------------------------------- We Expertly Hunt Real Spies, Real Eavesdroppers, and Real Wiretappers. ---------------------------------------------------------------------------------------------------- James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 Web: http://www.tscm.com/ Gloucester, MA 01931-8008 Email: mailto:jmatk@t... ---------------------------------------------------------------------------------------------------- World Class, Professional, Ethical, and Competent Bug Sweeps, and Wiretap Detection using Sophisticated Laboratory Grade Test Equipment. ---------------------------------------------------------------------------------------------------- 10510 From: secureoffice Date: Thu Jan 6, 2005 1:39pm Subject: Re: Microphones Jim It's not my place to comment on the relationship between two people or how they behave. I was simply pointing out the fact. It was not meant as a condemnation or opposite. As a list owner you are perfectly entitled to do what you see fit. However, it's not my place to comment on who was right or wrong, and I won't. I was simply letting Mr Garrett know that he should contact Steve directly should he require his specific response. I trust the matter requires no further explanation. Kindest regards -Ois --- In TSCM-L@yahoogroups.com, "James M. Atkinson" wrote: > > Ois, > > The only time that I have ever banned or removed someone from the list is > when that person becomes extremely disruptive and rude or abusive to the > list membership, or if I catch them doing naughty, naughty things. > > Steve was indeed banned from this group a few months back, but only after > his repeat transgressions significantly exceeded his welcome and my > tolerance of his often offensive Prima Donna behavior. tripped the squelch > circuit. He was given ample time to mend his behavior for at least six > month before his being banned. > > "sapiens timet et declinat malum stultus transilit et confidit, > Proverb14:16 > > The list needs good communications, and a place where members can ask > questions and discuss all levels of TSCM from the beginner and apprentice > levels to the Technician and Engineering levels. The list exists to > improve the profession, and for no other purpose. > > Also, greetz to the list members who are going out to the Little Red School > house for the first time, enjoy the daily commute (you know who you are). > > -jma > > > > At 02:26 PM 1/5/2005, secureoffice wrote: > > > >Steve was banned from the group by the group owner, you'll need to > >email him directly if you want his opinion. > > > >Regards > > > >-Ois > > > > > >--- In TSCM-L@yahoogroups.com, "DJ" wrote: > > > > > > > > > Steve you could probably answer this one. In the movie Enemy of the > > > State (steve did a great job here), I saw many microphones used at > > > long ranges to listen into the subjects conversations. Does anyone > > > have any whitepapers or any other information on the availability of > > > microphones that will work at a distance of over 20 feet from the > > > subject? > > > > > > Thanks, > > > IT2 Garrett > > > ---------------------------------------------------------------------------------------------------- > We Expertly Hunt Real Spies, Real Eavesdroppers, and Real Wiretappers. > ---------------------------------------------------------------------------------------------------- > James M. Atkinson Phone: (978) 546-3803 > Granite Island Group Fax: (978) 546-9467 > 127 Eastern Avenue #291 Web: http://www.tscm.com/ > Gloucester, MA 01931-8008 Email: mailto:jmatk@t... > ---------------------------------------------------------------------------------------------------- > World Class, Professional, Ethical, and Competent Bug Sweeps, and > Wiretap Detection using Sophisticated Laboratory Grade Test Equipment. > ---------------------------------------------------------------------------------------------------- 10511 From: Dragos Ruiu Date: Thu Jan 6, 2005 0:20pm Subject: Call For Articles: MISC Magazine - CanSecWest/core05 (Details in French Below) Win a trip to attend CanSecWest/core05. Get published in MISC Magazine. Contest Details: You just have to write an original article (3500-4000 words) for publication in MISC Magazine on any topic related to computer security: exploit writing, (anti-)virus, (anti-)forensics, network, protocol manipulation, honeypots, IDS/IPS, reverse engineering, telecoms, and so on... For a list of subjects already covered in the magazine have a look at http://www.miscmag.com/sommaire.php The best submitted article (details below) will win a free trip (airfare, hotel) and conference registration. All contest information available on http://www.miscmag.com/csw05-tc.php The conference website can be found at http://cansecwest.com The CanSecWest/core05 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. Many famous researchers contribute each year. The attendees are a multi-national mix of professionals involved on a daily basis with security work and provide a social networking opportunity to mingle with eminent technical researchers. It will be held on May 4-6 at the Mariott Renaissance hotel in downtown Vancouver, British Columbia, Canada. MISC is a french magazine focusing on information security. Each issue features an in-depth coverage of a specific topic through a series of articles exploring the subject. Beside this key theme regular columns provide the reader with advanced techniques pertaining to information security. Because security can not be limited to technical and scientific aspects MISC also covers domains like law or information warfare. The winning article submission receives: - registration for CanSecWest/core05 donated by the conference - 4 nights in the conference hotel (Mariott Renaissance) paid for by the conference (though incidental costs are still your responsibility). - a round-trip to Vancouver (Canada), paid by Diamond Edition (the winner must have a valid passport and visa if needed) - the publication of your article in MISC, paid at the regular MISC rate (to use as spending money on your trip). The committee will select the best article which will be published in MISC Magazine. The 5 following criteria will guide the committee's choice: 1) education: how much does it teach? 2) innovation: how is it new? 3) technical level: what is the technical level of the article? 4) applicability: does it affect a lot of people? 5) style: grammar, orthography, syntax, clarity, ... More than one article may be published in MISC Magazine, but only the best one will win the trip. To have a chance to win, send article submission by email to csw05@m... along with the following information before the 29th of January 2005: 1) Author, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). We need a real name and real contact details or we won't be able to pay for the trip. 2) Employer and/or affiliations. 3) 3 to 5 keywords describing the topic of the proposal 4) The article, written either in French or English, and using the style sheets available at http://www.miscmag.com/styles/ 5) Optionally, any samples (code or whatever) related to the article. 6) The folowing declaration: I, , hereby certify that the submitted article has been written by me and that I own the intellectual property contained in it. I, , give Diamond Editions the right to publish this article in their magazines. If a submission is incomplete, the article will not be considered for the challenge. Only one submission per person is allowed - if there are multiple submissions, only the last one will be considered. Please submit all proposals by January 29 latest. Results will be communicated to the participants on the 15th February 2005. MISC Magazine : http://www.miscmag.com CanSecWest/core05 : http://cansecwest.com --------------------- CanSecWest/core05 - MISC Magazine Gagner un séjour pour assister à CanSecWest/core05. Comment faire ? Simplement en écrivant un article original de 3500-4000 mots sur le thème de la sécurité informatique : techniques d'exploits, (anti-)virus, (anti-)forensics, manipulation de réseau, détournement de protocoles, pots à miel et autres IDS/IPS, reverse engineering, télécoms, etc... Pour découvrir les sujets traités dans MISC, vous pouvez visiter http://www.miscmag.com/sommaire.php. Tous les détails sur : http://www.miscmag.com/csw05-tc.php La conférence CanSecWest/core05 se compose de tutoriaux sur les questions actuelles, les techniques innovatrices et les meilleures pratiques dans le domaine de sécurité de l'information. De prestigieux orateurs y participent chaque année, permettant ainsi aux auditeurs de se tenir informés des dernières nouveautés du secteur. Elle se déroule du 4 au 6 Mai 2005 à Vancouver (Canada). Le magazine français « 100% sécurité informatique » MISC est composé d'un dossier traitant de manière approfondie d'un thème, et de nombreuses rubriques permettant à chacun de découvrir les techniques avancées liées à la sécurité de l'information. MISC traite également des domaines connexes (droit ou guerre de l'information par exemple) car la sécurité de l'information ne se limite pas à des problèmes techniques et scientifiques. Prix pour le vainqueur : - l'entrée à CanSecWest - 4 nuits d'hôtel à l'hôtel de la conférence (Mariott Renaissance) - le billet d'avion pour se rendre à Vancouver, acheté par Diamond Edition (le vainqueur devra disposer, si besoin, d'un passeport valide et d'un visa pour le Canada) - la publication de l'article, rémunéré au tarif normal des auteurs de MISC, dans un numéro à venir de MISC. Le jury sélectionnera la meilleure proposition, qui sera ensuite publiée dans MISC Magazine. La barème se décompose en 5 critères, d'importance égale : 1) éducation : l'article est-il pédagogique ? 2) innovation : quelle(s) part(s) de nouveauté ? 3) technicité : quel est le niveau technique de l'article ? 4) portée : est-ce que cela concerne beaucoup de personnes ? 5) style : orthographe, grammaire, clarté, ... Tous les bons articles seront susceptibles d'être publiés dans MISC, mais seul le meilleur remportera le voyage à CanSecWest. Pour participer, il faut envoyer un mail à csw05@m... avec les informations suivantes avant le Samedi 29 Janvier : 1) présentation : nom, prénom, ville/pays d'origine, nationalité, contact (e-mail, adresse postale, téléphone, fax) Attention : sans ces informations, votre prix ne pourra vous être remis. 2) employeur et/ou affiliation 3) 3-5 mots clé pour caractériser l'article 4) l'article, écrit en Anglais ou en Français, et respectant les feuilles de style : http://www.miscmag.com/styles/ 5) éventuellement, des exemples (codes ou autres) liés à l'article 6) La mention suivante : Je soussigné déclare sur l'honneur être l'auteur de l'article soumis afin de participer au concours, et que j'en détiens donc les droits de propriété intellectuelle. En cas de victoire, j'autorise Diamond Edition à faire usage de mon article dans leurs publications. Tout mail incomplet invalidera la participation. Une seule participation par personne est autorisée. Date limite de participation : Samedi 29 Janvier 2005, date de réception du mail faisant foi. Liens utiles MISC Magazine : http://www.miscmag.com CanSecWest/core05 : http://cansecwest.com -- World Security Pros. Cutting Edge Training, Tools, and Techniques Vancouver, CanadaMay 4-6 2005 http://cansecwest.com pgpkey http://dragos.com/ kyxpgp 10512 From: delta Date: Thu Jan 6, 2005 0:27pm Subject: Re: looking for a tdr many thanks jay for your help i think i m going to buy a riserbond 3300 here in france thanks to all for your help and your experience with tdr i think this mailing liste is very good david 10513 From: Lawrence Dillard Date: Thu Jan 6, 2005 3:34pm Subject: Lawrence D. Dillard This is to tell all his friends, Larry died in his sleep, sometime last night or early this morning. If you need to know more , or want to contact me, my e-mail address is cdillards@m..., 303-661-0660 Cheryle 10514 From: Hawkspirit Date: Thu Jan 6, 2005 9:00pm Subject: Sweep Needed Anyone have a portable x-ray unit for a sweep in Cincinnati Ohio? Roger Tolces Electronic Security Co. HYPERLINK "http://www.bugsweeps.com/"www.bugsweeps.com --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.825 / Virus Database: 563 - Release Date: 12/30/2004 [Non-text portions of this message have been removed] 10515 From: littledog Date: Fri Jan 7, 2005 11:48am Subject: vonage? Hello, could anyone out the give me their insight on the new broadband cable phone services? Are they more or less secure and since it seems that everything is controlled through a website (or is it?) like customizing the service to a record of all incoming and outgoing calls, are they vulnerable to hackers? I'm new and still in the little red schoolhouse..thanx 10516 From: Agent Geiger Date: Fri Jan 7, 2005 6:15pm Subject: Re: vonage? I have been using the service for several months with no problems. --- littledog wrote: > > Hello, could anyone out the give me their insight on > the new broadband cable phone services? Are they > more or less secure and since it seems that > everything is controlled through a website (or is > it?) like customizing the service to a record of all > incoming and outgoing calls, are they vulnerable to > hackers? I'm new and still in the little red > schoolhouse..thanx > > > > __________________________________ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 10517 From: James M. Atkinson Date: Fri Jan 7, 2005 6:43pm Subject: Re: vonage? The quality of the audio tends to be less then that of a hard wired dedicated phone line with annoying echo's and barrel effect audio. Security is another question... because there is none. -jma At 12:48 PM 1/7/2005, littledog wrote: >Hello, could anyone out the give me their insight on the new broadband >cable phone services? Are they more or less secure and since it seems that >everything is controlled through a website (or is it?) like customizing >the service to a record of all incoming and outgoing calls, are they >vulnerable to hackers? I'm new and still in the little red schoolhouse..thanx ---------------------------------------------------------------------------------------------------- We Expertly Hunt Real Spies, Real Eavesdroppers, and Real Wiretappers. ---------------------------------------------------------------------------------------------------- James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 Web: http://www.tscm.com/ Gloucester, MA 01931-8008 Email: mailto:jmatk@t... ---------------------------------------------------------------------------------------------------- World Class, Professional, Ethical, and Competent Bug Sweeps, and Wiretap Detection using Sophisticated Laboratory Grade Test Equipment. ---------------------------------------------------------------------------------------------------- 10518 From: Agent Geiger Date: Fri Jan 7, 2005 8:51pm Subject: Re: vonage? There is no real security on ANY phone line. However, my line quality has been just as good a traditional landline. It depends on the quality of your Internet connection. The number can also have ANY area code and is very portable. Not to mention, is very cheap. --- "James M. Atkinson" wrote: > > The quality of the audio tends to be less then that > of a hard wired > dedicated phone line with annoying echo's and barrel > effect audio. > > Security is another question... because there is > none. > > -jma > > > > At 12:48 PM 1/7/2005, littledog wrote: > > > >Hello, could anyone out the give me their insight > on the new broadband > >cable phone services? Are they more or less secure > and since it seems that > >everything is controlled through a website (or is > it?) like customizing > >the service to a record of all incoming and > outgoing calls, are they > >vulnerable to hackers? I'm new and still in the > little red schoolhouse..thanx > > > ---------------------------------------------------------------------------------------------------- > We Expertly Hunt Real Spies, Real Eavesdroppers, and > Real Wiretappers. > ---------------------------------------------------------------------------------------------------- > James M. Atkinson > Phone: (978) 546-3803 > Granite Island Group Fax: > (978) 546-9467 > 127 Eastern Avenue #291 > Web: http://www.tscm.com/ > Gloucester, MA 01931-8008 Email: > mailto:jmatk@t... > ---------------------------------------------------------------------------------------------------- > World Class, Professional, Ethical, and Competent > Bug Sweeps, and > Wiretap Detection using Sophisticated Laboratory > Grade Test Equipment. > ---------------------------------------------------------------------------------------------------- > > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com 10519 From: David Kervin Date: Fri Jan 7, 2005 6:17pm Subject: Technical Surveillance Countermeasure Personnel Technical Surveillance Countermeasure Personnel General Information Document Type: Presolicitation Notice Solicitation Number:HQ0095-05-R-0012 Posted Date:Jan 06, 2005 Original Response Date:Jan 24, 2005 Current Response Date:Jan 24, 2005 Original Archive Date:Feb 08, 2005 Current Archive Date:Feb 08, 2005 Classification Code:R -- Professional, administrative, and management support services Set Aside:Total Small Business Naics Code:561611 -- Investigation Services Contracting Office Address Other Defense Agencies, Washington Headquarters Services, Acquisition and Procurement Office, Acquisition and Procurement Office, RDF, Room 1F1K711B 1155 Defense Pentagon, Washington, DC, 20301-1155 Description The contractor shall provide personnel that are Agilent certified to perform duties of management, coordination, and operation of advanced radio frequency monitoring equipment. The contractor will be responsible for the analysis of all signal data collected. Duties shall include the configuration of equipment to optimize performance, maintenance of a Windows 2000 network server, investigative data analysis, database management, advice and assistance for system development from software packages used to assist in collection and analysis. The contractor shall resolve any anomalies the system may detect and provide monthly progress reports of the systems development to the PFPA Technical Security Program Manager. The contractor shall provide quarterly status briefings to senior Department of Defense executives, policy and decision makers. This requirement will be solicited as a sole source requirement to Vector Technologies, LLC. The NAICS code associated with this requirement is 561611. Point of Contact Patricia Hill, Contract Specialist, Phone 703 614 6354, Fax 703 692 0811, Email patricia.hill.ctr@w... - Jeraline Artis, Procurement Analyst, Phone (703) 697 4350, Fax (703) 692 4091, Email jeraline.artis@w... Place of Performance Address:Pentagon Force Protection Agency 9000 Defense Pentagon, Room 4E139 Washington D.C. Postal Code:20301 [Non-text portions of this message have been removed] 10520 From: dj Date: Fri Jan 7, 2005 7:49pm Subject: Re: vonage? Vonage/Lingo/Primus .. basically all work the same way. The voice quality is a little less because of the compression but these type of q's are right up my alley. I work as a technology consultant and have been working with Voice Over IP for sometime now. The calls are not encrypted by no means and are vulnerable to about any type hack. The boxes that control these are similar in nature to cisco's voip but different in the fact that they provide a client with a dial tone on the down side of the box. The boxes have a mac address and obtain a ip through a dchp server. The big problems with them is that with NAT they tend to loose their stay alive signals. Lets say that the call generates on port 5060 and then another call comes in to the box via call waiting. NAT will migrate that port to lets say 17500 and keep the orginal call at that port. That port is migrated at your local router and not on the service providers end. So the keep alive signal ... (really just a packet) that says that this call shouldn't be disconnected is send to the box at port 5060 and cannot find an active conversation because you hung up with your 3rd party. So the system disconnects you. Also about 9 minutes into a call they boxes all seem to migrate with NAT to a new port number due in part to trying to free up lower level port numbers for use by local apps. Using Cain and Able a program that is readily available you can simply enumerate the MAC and IP of the local box and then using a port scanner see which port it is operating on. Solar Winds does this with no problem but there are a million port scanners and network analyzer/sniffers that one can use. If one does not password protect and encrypt the password of the administration side of the boxes it is simple to take control of ones box. As for putting the packets back together to generate the original call. Well I haven't found a program that will do that very well but let me know if you do. v/r, IT2 Garrett --------------------------------- Do you Yahoo!? Yahoo! Mail - You care about security. So do we. [Non-text portions of this message have been removed] 10521 From: Michael Puchol Date: Sat Jan 8, 2005 4:07am Subject: Re: vonage? Hi, A couple of months ago a phreaker demonstrated that you can give yourself any caller ID you want if you have a Vonage account, at least for a while. He simply called Vonage and gave them the number of a well-known TV actor, and told them it was his landline number, if they could link the caller ID of his VoIP account to this number. Amusingly, they complied without any questions, and he now could make calls using the actor's caller ID, and all calls made on the Vonage network to the actor's phone would be re-routed to the phreaker's VoIP phone. Vonage's comments were that yes, they would put any caller ID a costumer requests, it could even be President Bush's phone number (yes, they did say this!), and then do a check with the phone company involved, which could take some two weeks. So for two weeks you could make phone calls pretending to be anyone you want. Doesn't say much for them IMHO... Regards, Mike 10522 From: Tech Sec Lab Date: Sat Jan 8, 2005 7:49am Subject: RE: Technical Surveillance Countermeasure Personnel Does anyone have any info or experience regarding the Agilent certification? Please respond off list, Kind regards -Ois ******************************************** Message: 5 Date: Sat, 8 Jan 2005 02:17:12 +0200 From: "David Kervin" Subject: Technical Surveillance Countermeasure Personnel Technical Surveillance Countermeasure Personnel General Information Document Type: Presolicitation Notice Solicitation Number:HQ0095-05-R-0012 Posted Date:Jan 06, 2005 Original Response Date:Jan 24, 2005 Current Response Date:Jan 24, 2005 Original Archive Date:Feb 08, 2005 Current Archive Date:Feb 08, 2005 Classification Code:R -- Professional, administrative, and management support services Set Aside:Total Small Business Naics Code:561611 -- Investigation Services Contracting Office Address Other Defense Agencies, Washington Headquarters Services, Acquisition and Procurement Office, Acquisition and Procurement Office, RDF, Room 1F1K711B 1155 Defense Pentagon, Washington, DC, 20301-1155 Description The contractor shall provide personnel that are Agilent certified to perform duties of management, coordination, and operation of advanced radio frequency monitoring equipment. The contractor will be responsible for the analysis of all signal data collected. Duties shall include the configuration of equipment to optimize performance, maintenance of a Windows 2000 network server, investigative data analysis, database management, advice and assistance for system development from software packages used to assist in collection and analysis. The contractor shall resolve any anomalies the system may detect and provide monthly progress reports of the systems development to the PFPA Technical Security Program Manager. The contractor shall provide quarterly status briefings to senior Department of Defense executives, policy and decision makers. This requirement will be solicited as a sole source requirement to Vector Technologies, LLC. The NAICS code associated with this requirement is 561611. Point of Contact Patricia Hill, Contract Specialist, Phone 703 614 6354, Fax 703 692 0811, Email patricia.hill.ctr@w... - Jeraline Artis, Procurement Analyst, Phone (703) 697 4350, Fax (703) 692 4091, Email jeraline.artis@w... Place of Performance Address:Pentagon Force Protection Agency 9000 Defense Pentagon, Room 4E139 Washington D.C. Postal Code:20301 [Non-text portions of this message have been removed] 10523 From: Hawkspirit Date: Sat Jan 8, 2005 0:51pm Subject: TSCM History For those of you who collect TSCM history http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&category=73336&item=5741413404 &rd=1 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.825 / Virus Database: 563 - Release Date: 12/30/2004 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.830 / Virus Database: 565 - Release Date: 1/6/2005 [Non-text portions of this message have been removed] 10524 From: Brian Varine Date: Sat Jan 8, 2005 7:35am Subject: Vonage/VoIP ----- Original Message ----- From: To: Sent: Saturday, January 08, 2005 5:21 AM Subject: [TSCM-L] Digest Number 1787 > Hello, could anyone out the give me their insight on the new broadband > cable phone services? Are they more or less secure and since it seems that > everything is controlled > through a website (or is it?) like customizing > the service to a record of all incoming and outgoing calls, are they > vulnerable to hackers? I'm new and still in the little red > schoolhouse..thanx Most VOIP providers are not "secure" but then again, neither are hardwired phones. All VoIP providers are using well known protocols for signalling and codecs so it's not difficult to tap a call. If the attacker can see the packets, they can decode the voice. There is a new VoIP freeware detector and recorder called VoIPong that works off Linux (http://www.enderunix.org/voipong/), it handles G.711 (64k) and they are looking to support G.723 and G.729 (8k). The other part of VoIP to secure is the call manager system. Most vendors are using standard Windows 2000/Windows 2003 Servers so security can vary from non-existant to really good, it all depends. I would ass*u*me companies like Vonage have good security on their call management systems since all of their services are directed at Internet users. I have audited some enterprises with VoIP systems and the security is typically not very good. Their rationale is they are "protected" by a firewall so why secure/harden the servers. A lot don't realize that if their network gets bombed (ala Nimda/Code Red/SQL Slammer), they lose their phone service. A few enterprises fortunately have done it right..secure servers on a protected subnet with the voice traffic going over separate VLAN's and wire. 10525 From: savanted1 Date: Sat Jan 8, 2005 1:46pm Subject: Comments Dear, Esteemed Group Members I have just formed the TICSA Study group on Yahoo. Please by all means feel free to join and participate in educating yourself towards ascertaining the TICSA Certified Associate credential. Group home page: http://groups.yahoo.com/group/TICSAStudy Group email address: TICSAStudy@yahoogroups.com Regards, 10526 From: Date: Sat Jan 8, 2005 11:34am Subject: Security Considerations For VOIP Systems January 2005 http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf