-----BEGIN PGP SIGNED MESSAGE----- At 08:10 AM 9/3/02 -0400, Dave Aitel wrote: >*** PGP Signature Status: good >*** Signer: Dave Aitel (Immunity, Inc) <[EMAIL PROTECTED]> >(Invalid) *** Signed: 9/3/02 8:10:49 AM >*** Verified: 9/3/02 10:07:49 AM >*** BEGIN PGP VERIFIED MESSAGE *** > > >I figured I'd forward this on to the list as a warning. >-dave
It's not true. It's part of a larger effort by one person to bring discredit upon (ISC)^2 (note the accepted form of abbreviation). (ISC)^2 is aware of the general effort and is taking action they deem appropriate. They have established an e-mail address to accept reports of suspicious e-mail and posted a web page on the issue to the web site with a link on the http://www.isc2.org homepage. See: https://www.isc2.org/cgi-bin/content.cgi?page=173 (note https; where you can also check the certificate w/your browser) There are several variants of this message, including two that alledge the (ISC)^2 mail and DB servers were successfully hacked. Not true. The attack has attempted to use several IT and IT-security related mailing lists. > >Return-Path: <[EMAIL PROTECTED]> >Delivered-To: [EMAIL PROTECTED] >Received: (qmail 37832 invoked from network); 3 Sep 2002 11:21:32 >-0000 Received: from unknown (HELO isc2.org) (204.87.205.244) by ^^^^^^^ ^^^^^^^^^^^^^^ Here is the first clue. Each one of these I've seen so far, comes from a host on one or more of the anti-spam RBL's. This IP is presently on proxies.relays.monkeys.com. The IP block is registered in Latin America, not from (ISC)^2's block nor (ISC)^2's MX. So far the attacker has not demonstrated the skill to completely spoof the mail header, not to say he won't at some time in the future. -----BEGIN PGP SIGNATURE----- Version: PGP Personal Security 7.0.3 Comment: hacker=cybercriminal--the definition changed; get over it iQCVAwUBPXTFlfGfiIQsciJtAQHqXAP/fUhLhcfGzxcSP6fq2CfBgk2BLRiRozhe FhEr4WSL5Cz91Jo79cSuHvArGGCei4VduzI6pMmUp/oxEG2h2e1DhVG6CCHdYVRE T9bDJXKBNCGwX4Oq4VYXw+vLcD7uWZwtCGW8cskw6EU+i4N0TO4bJYuRtXuV4KEB H+iA72nutQc= =gTSa -----END PGP SIGNATURE----- -- Regards, David Kennedy CISSP /"\ Director of Research Services, \ / ASCII Ribbon Campaign TruSecure Corp. http://www.trusecure.com X Against HTML Mail Protect what you connect; / \ Look both ways before crossing the Net. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
