CERT forgery

CERT forgery

Post by Kent Perri » Fri, 07 Mar 1997 04:00:00



I got the following email today.  Note that the pgp signature doesn't
match.  Has anyone else gotten this?  Note that the reference to
digicrime.com is a clue that this is a fake too.

Kent

==== Included Message ====


Date: Wed, 5 Mar 97 20:04 CST


Sensitivity: PERSONAL-CONFIDENTIAL
Precedence: EMERGENCY
Priority: URGENT

Organization: CERT(sm) Coordination Center -  +1 412-268-7090
Subject: CERT Summary CS-1897.04.01

-----BEGIN PGP SIGNED MESSAGE-----

----------------------------------------------------------------------------

Computer Emergency Response Team (sm) Summary CS-1897.04.01

The CERT Coordination Center periodically issues the CERT Summary to
draw attention to the types of attacks currently being reported to our
Incident Response Team.  You may be aware of a recent trend in network
abuse known as *Robot.  This webcrawler is capable of obtaining
root access to many types of Internet servers, and has been captured as
it tried to move from your ISP to another.  The SysOps have been alerted,
but your personal and private information has already been compromised.

NOTE:  SysOps are NOT responsible for your personal security, so you MUST
       take the appropriate actions immediately.

Please see prior bulletins, or visit http://www.veryComputer.com/ for more info.

----------------------------------------------------------------------------

How to Contact the CERT Coordination Center


Phone    +1 412-268-7090 (24-hour hotline)
                CERT personnel answer 8:30-5:00 p.m. EST
                (GMT-5)/EDT(GMT-4), and are on call for
                emergencies during other hours.

Fax      +1 412-268-6989

Postal address
        CERT Coordination Center
        Software Engineering Institute
        Carnegie Mellon University
        Pittsburgh PA 15213-3890
        USA

----------------------------------------------------------------------------

Copyright 1897 Carnegie Mellon University

This material may be reproduced and distributed without permission provided
it is used for noncommercial purposes and credit is given to the CERT
Coordination Center.

CERT is a service mark of Carnegie Mellon University.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMxR8THVP+x0t4w7BAQHLdgP/ZhctBl2lw6D5+ITY01aLq7t0ObFXGqzb
pDNsLCTbF5d27dpBQHBlee7472qMSZjIwtFxeouOP/kSzlBQ951AXDz8S0S3McOm
0Jz2XNOzQciNxxPXdbs7ai0Md+OPNPLy1gxeNq+l+zqQmhq9o/F1+a9PV40hWW/f
lRqM6TtEF6Q=
=x6rN
-----END PGP SIGNATURE-----

--
Kent Perrier           If Bill Clinton is the answer, then it must

Corporations don't have opinions, people do.  These are mine.
PGP 2.6 Public Key available by request and on key servers
PGP encrypted mail preferred!

 
 
 

CERT forgery

Post by P?l L?be » Fri, 07 Mar 1997 04:00:00



> I got the following email today.  Note that the pgp signature doesn't
> match.  Has anyone else gotten this?  Note that the reference to
> digicrime.com is a clue that this is a fake too.

You're not the only one. I guess they have tried to make the
*Robot hoax a bit more "serious" by putting it into a CERT
Summary, but it's still the same.

BTW. http://www.veryComputer.com/ is quite fun. Note that a visit may
result in having your e-mail address sent to the author of the site
(unless you have turned on "maximum paranoia mode" in your browser.)

--
******************** P?l Brovold L?berg ******************

**********************************************************

 
 
 

1. RSA BSAFE Cert-C and MS CryptoAPI Cert stores

Hey,

Is anyone using the RSA BSAFE Cert-C library and storing certificates in the
MS-CryptoAPI certificate stores?  I'm not talking about the using the
MS-CryptoAPI with the RSA_PROV_FULL  provider, I'm talking about using the
RSA development libraries and storing certificates using the CryptoAPI db
service.  Those who have used it will know what I'm talking about.

I have a problem accessing the certificates in the ROOT and CA stores.  I
have a program which successfully shows all certs in the MY store, but when
I point it at the ROOT and CA stores, it barfs on the first certificate
(which is invalid, for some reason) and refuses to show me any more certs
from those stores.  Calling C_SelectFirstCert returns E_ISSUER_NAME or
E_PUBLIC_KEY depending on the store.  I don't care that any given cert is
invalid, I just want to get a list of all the certs, then I can work out if
each certificate is valid or not.  As it is, I effectively cannot access the
certs in the store.

Any ideas on how to work around this?

Regards,
Steve
--
Steve Baker
Open your mind, then check out www.nexusmagazine.com

2. Problems with burst

3. email forgery issues/questions

4. E-mail addresses for CD-R vendors

5. mail forgery from outlook2000 client

6. Clarification MoneyCounts ->Quicken or MS Money

7. E-Mail Forgery in Netscape

8. FS: Monitor: NEC MultiSync 2A

9. FAQ: Better living through forgery (Updated!)

10. alt.sex forgery allegation

11. FAQ: Better living through forgery

12. Certs that get you past job screeners, get phone calls, get interviews, land jobs.