From: Charles P Date: Sat Jul 21, 2001 2:54pm Subject: Re: Foam for equipment cases Ah, B&H is a good idea, I have their catalog. It would be nice to a bulk source for sheets of it, though. I often wondered about using the spray can insulation foam. Do you know if that would be similar to the liquid foam? It seemed a bit dense. Would you know source for the liquid foam? as always Thanks Charles ----- Original Message ----- From: "James M. Atkinson, Comm-Eng" To: "TSCM-L Mailing List" Sent: Saturday, July 21, 2001 2:41 PM Subject: Re: [TSCM-L] Foam for equipment cases > At 2:33 PM -0400 7/21/01, Charles P wrote: > >I would like to get some new foam inserts for some of my halliburton cases > >but the prices from the usual dealers always seem quite high ($99 from > >Jensen for instance- that's for one case). > > > >Does anyone know of a good source for that type of foam? > > > >thanks > >Charles > > > > The foam you use will depend on how heavy/bulky the item in the case > is, and the amount of shock it can handle. > > If you need "just regular foam" contact B&H Photo for the lowest > price, but if you want something "better" look toward anti-static > foam, or some of the higher density foam sheets. > > If you have something that has some really bizarre shapes (or is > bulky) then consider a liquid foam that you can form around the item, > and then trim away the excess once it is solid. > > -jma > -- > > -------------------------------------------------------------------------- ----------------------- > James M. Atkinson Phone: (978) 381-9111 > Granite Island Group Fax: > 127 Eastern Avenue #291 http://www.tscm.com/ > Gloucester, MA 01931-8008 jmatk@tscm.com > -------------------------------------------------------------------------- ----------------------- > The First, The Largest, The Most Popular, and The Most Complete TSCM, > Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. > -------------------------------------------------------------------------- ----------------------- > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > 3393 From: DrPepper Date: Sat Jul 21, 2001 3:56pm Subject: Re: Foam for equipment cases yeah, , ,, just go to your local hardware store and get a can of foam, crack sealant. It will spray in and it works fine. Just be sure to use plastic liner on the stuff you don't want to damage. It's an adhesive, also.. ------------------------ Charles P wrote: > Ah, B&H is a good idea, I have their catalog. It would be nice to a bulk > source for sheets of it, though. > > I often wondered about using the spray can insulation foam. Do you know if > that would be similar to the liquid foam? It seemed a bit dense. Would you > know source for the liquid foam? > > as always > Thanks > Charles > > ----- Original Message ----- > From: "James M. Atkinson, Comm-Eng" > To: "TSCM-L Mailing List" > Sent: Saturday, July 21, 2001 2:41 PM > Subject: Re: [TSCM-L] Foam for equipment cases > > > At 2:33 PM -0400 7/21/01, Charles P wrote: > > >I would like to get some new foam inserts for some of my halliburton > cases > > >but the prices from the usual dealers always seem quite high ($99 from > > >Jensen for instance- that's for one case). > > > > > >Does anyone know of a good source for that type of foam? > > > > > >thanks > > >Charles > > > > > > > > The foam you use will depend on how heavy/bulky the item in the case > > is, and the amount of shock it can handle. > > > > If you need "just regular foam" contact B&H Photo for the lowest > > price, but if you want something "better" look toward anti-static > > foam, or some of the higher density foam sheets. > > > > If you have something that has some really bizarre shapes (or is > > bulky) then consider a liquid foam that you can form around the item, > > and then trim away the excess once it is solid. > > > > -jma > > -- > > > > -------------------------------------------------------------------------- > ----------------------- > > James M. Atkinson Phone: (978) 381-9111 > > Granite Island Group Fax: > > 127 Eastern Avenue #291 http://www.tscm.com/ > > Gloucester, MA 01931-8008 jmatk@tscm.com > > -------------------------------------------------------------------------- > ----------------------- > > The First, The Largest, The Most Popular, and The Most Complete TSCM, > > Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. > > -------------------------------------------------------------------------- > ----------------------- > > > > ======================================================== > > TSCM-L Technical Security Mailing List > > "In a multitude of counselors there is strength" > > > > To subscribe to the TSCM-L mailing list visit: > > http://www.yahoogroups.com/community/TSCM-L > > > > or email your subscription request to: > > subTSCM-L@t... > > =================================================== TSKS > > > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > > > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ -- Dr Pepper aka WB6GKI in the High Desert of California. Check out my LIVE Hamshack Cam at: http://www1.iwvisp.com/DrPepper/ham/ham.htm 3394 From: James M. Atkinson, Comm-Eng Date: Sat Jul 21, 2001 7:28pm Subject: Re: Foam for equipment cases At 3:54 PM -0400 7/21/01, Charles P wrote: >Ah, B&H is a good idea, I have their catalog. It would be nice to a bulk >source for sheets of it, though. > >I often wondered about using the spray can insulation foam. Do you know if >that would be similar to the liquid foam? It seemed a bit dense. Would you >know source for the liquid foam? > >as always >Thanks >Charles B&H is OK when you need 3-4 sets of foam, but if you need much more then that you would do well for find a foam vendor local o you and but it in bulk. Also, to keep things nice and neat I find it desirable to periodically pull out all the foam and replace it with virgin pieces. -jma -- ------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------------- 3395 From: James M. Atkinson, Comm-Eng Date: Sat Jul 21, 2001 7:31pm Subject: Re: Foam for equipment cases Use two plastic bags, one for the top, an one for the bottom. Place a thin board between then to make a clean dividing line. -jma At 1:56 PM -0700 7/21/01, DrPepper wrote: >yeah, , ,, just go to your local hardware store and get a can of foam, crack >sealant. It will spray in and it works fine. Just be sure to use plastic liner >on the stuff you don't want to damage. It's an adhesive, also.. > >------------------------ > >Charles P wrote: > >> Ah, B&H is a good idea, I have their catalog. It would be nice to a bulk >> source for sheets of it, though. >> >> I often wondered about using the spray can insulation foam. Do you know if >> that would be similar to the liquid foam? It seemed a bit dense. Would you >> know source for the liquid foam? >> >> as always >> Thanks > > Charles -- ------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------------- 3396 From: Jack Miller Date: Sun Jul 22, 2001 3:25am Subject: Is spread spectrum safe? Any one knows what type of modulation do military people use? I am sure they should be more than just the standard FM and AM modulation!! Also is Spread Spectrum Modulation (FH, TH ...) interceptable and breakable? thanks ===== ======================================= Jack Miller Researcher Paython and Co. ======================================= __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ 3397 From: Steve Whitehead Date: Sun Jul 22, 2001 1:37pm Subject: Granddad caught in secret nude romp "RONNIE GOVENDER An Old Mutual financial adviser claims he was lured into a sex trap by a disgruntled client who secretly videotaped his nude romp with a young woman. Dharam Ramjuggernath, a 59-year-old Durban grandfather, told Judge Brian Galgut on Friday that Subash "Harold" Haribhai had threatened to show the tape to his wife and family. According to papers filed in the Durban High Court, Ramjuggernath sold insurance policies to Haribhai's mother. After her death in 1997, Haribhai was unhappy with the manner in which Old Mutual wound up her estate, and accused Ramjuggernath of defrauding him. Ramjuggernath said Haribhai was using the videotape to extort money from him. He asked the court to restrain Haribhai from harassing him and his family and to hand over the video. He said he had been lured to an Amanzimtoti flat on June 27 on the pretext of selling a policy to a man calling himself Terence Pillay and his "wife", Patsy. While Pillay was out of the room, he said, Patsy "suggested that I should meet her". They met at the flat on July 2, and ended up naked and kissing, he said. Two days later, Pillay arranged to meet Ramjuggernath to conclude the insurance deal - but instead produced a tape of his encounter with Patsy. At that point, Haribhai - who admitted owning the apartment - entered the room and accused Ramjuggernath of having defrauded his mother's estate. "He said that I must 'sort him out' . . . he then threatened to show the tape to my wife and family and threatened us with death. . ." Ramjuggernath said. Haribhai denied the allegations. "I don't know a Patsy or this Mr Pillay," he said" Story at http://www.suntimes.co.za/2001/07/22/news/news07.htm Steve Whitehead Managing Member E-mail : sceptre@m... Tel (012) 664-3157 Fax (012) 664-3180 International (+2712) P O Box 16063, Lyttelton, 0140, Centurion, South Africa TSCM Services URL : http://www.tscm.co.za [Non-text portions of this message have been removed] 3398 From: Steve Whitehead Date: Sun Jul 22, 2001 1:41pm Subject: Counting the cost of computer hacking " An e-security expert says SA organisations face a one-in-20 chance of falling victim to cybercriminals, writes Lynne Rippenaar Mr Twig, a South African hacker who seems to have had his heart broken, has decided to profess his love on the website of the Internet Corporation for Assigned Names and Numbers, managing to deface the site as he tries to woo back his lover. But while the young suspect, believed to be based in Cape Town, may evoke some sympathy from the jilted, the extent of damage hackers like him cause to corporations is exorbitant. Mr Twig has defaced 30 sites over the past two years, and has threatened to attack another 1 000 vulnerable local sites. Two years ago Edgars, the clothing retailer, lost about R1-million in revenue after a computer programmer brought down the systems of more than 600 stores for a day. The good news is that professional hackers involved in industrial espionage in SA are few and far between. The bad news is that anyone who wants to try his or her hand at hacking can load information from the Internet on how to hack into systems and deface websites, and that most companies are often not aware that their systems have been hacked into. At least 147 companies in SA were attacked in June, according to specialist technology company Computer Security and Forensic Solutions. Computer security breaches are growing at an annual rate of 60%, says the company. Hacking has become such a concern that professional services firm Ernst and Young introduced a Counterhack course last year to equip organisations with skills to combat hackers. Mark O'Flaherty, partner in charge of e-security for Ernst and Young's Information Systems Assurance and Advisory Services, says organisations face a one-in-20 chance of being hacked and the more they understand and know about their network, the better equipped they are to protect it. "Because we believe that hacking is a major threat . . . and because we have direct access to in-house information and security experts and ex-hackers, our aim is to join forces with corporate South Africa." He said that once a hacker has compromised a system, he or she will return through installed "back doors" and spread the word to other hackers on how to penetrate the system. What aggravates the problem is the absence of laws against hacking and the defacing of websites, making South African cyber criminals difficult to prosecute. According to Wimpie Britz, the CEO of Computer Security and Forensic Solutions, companies can expect to spend about R10 000 to R100 000 a month on maintaining security. Reversing the defacing of a website could cost a company between R5 000 and R7 000 and may take anything from one day to one week to rectify. Finding a security breach and the plugging of the problem could take anything from one month to beyond one year. On the other hand, hackers could earn anything from R1 000 to over R1-million for information stolen per attack. Britz says hackers are getting cleverer and gaining access to more hacking tools, freely available on the Internet. "What companies do not seem to understand is that once you've done your security, it is an ongoing (operation). It is not something you can do in July and then hope in August you are still going to be secured, because new tools are being developed on a daily basis and new exploits are being developed on a daily basis." He says hackers often use the defacing of a website as a decoy to cover up what they are doing in the system. According to Britz, the most dangerous hacker is the professional, out to steal sensitive information such as company plans or data from large organisations and sell it to competitors or other interested parties. "From about 20 investigations that we get per month involving computer crimes being committed in companies, I would say about five revolve around industrial espionage, where information is stolen and either being used against the company for blackmailing or for financial or personal gain." While defacing a website is an easy attack, stealing information is much more difficult to pull off. Jaco Grobler, senior manager technology risk services at PricewaterhouseCoopers, says company losses due to hacking are not always tangible; but a company's reputation may suffer, and lost customer confidence "could cost millions in lost turnover". "Just investigating a security incident can cost many times the actual financial loss. Introducing appropriate controls after an incident will also cost a lot of money," says Grobler. Blackmailing by hackers is also becoming a big problem as hackers may start threatening prospective clients into buying their services. Glenn Kieser, manager of Infrastructure Consulting at Microsoft SA, says that the hacking industry in SA is not as huge as hacking in the US. However, hackers still cause extensive damage to businesses if they manage to get hold of sensitive information. "If a hacker sends (companies) . . . a list of files on their servers, they must assume that the hacker has had access to more files," he said. Microsoft itself has not escaped the clutches of hackers. In October a hacker gained access to some of the company's confidential source codes. The South African government has also not escaped the scourge. Amanda Blom, website manager at the State Information Technology Agency, says government websites have been hacked, but that the "design of websites limited damage to embarrassment and the time required to correct" the defaced website. Kieser also warns that hacking is moving away from a simple prank to what is considered a serious crime. "Hacking is turning very quickly from cult status, where people are revered and gain status, to where governments are passing legislation declaring hackers terrorists." Story at http://www.suntimes.co.za/2001/07/22/business/news/news04.htm Steve Whitehead Managing Member E-mail : sceptre@m... Tel (012) 664-3157 Fax (012) 664-3180 International (+2712) P O Box 16063, Lyttelton, 0140, Centurion, South Africa TSCM Services URL : http://www.tscm.co.za [Non-text portions of this message have been removed] 3399 From: Bob Washburne Date: Sun Jul 22, 2001 6:23pm Subject: Ode to Code Red In case you hadn't heard, there is a worm crawling around on the web at the moment called "Code Red." It isn't out to damage your computer, like the "Melisa" virus, but is part os a DDOS (Distributed Denial Of Service) attack against whitehouse.gov. Basicly, for the first twenty days of the month it looks for Microsoft web servers which it can infest and replicate from. This has led to quite a bit of Internet slowdown and crashed a few routers over the past week. Then for the rest of the month it floods (what used to be but was quickly changed) the IP address of www.whitehouse.gov with http requests. If you aren't running a M$ web server, then all you will notice are some strange packets at port 80. Just some minor traffic, no damage or breach. If you ARE running MS IIS,... well, why AREN'T you running Apache? Details can be found in all the usual places; BugTraq, Slashdot, etc. http://slashdot.org/article.pl?sid=01/07/19/2230246&mode=thread But what can't be found everywhere is the following poem I shamelessly copied from a Slashdot poster. Enjoy. While I was working for the feds, I met a worm they called Code Red... And Code Red hit 100K hosts, And every host had 3 infections And every infection had 100 threads And every thread sent 100k And every k had a thousand bytes And every byte was sent in 1 packet And every packet had a 40-byte header Headers, packets, Bytes, k, Infections, hosts and threads... Once every month, just to piss off the Feds. Bob Washburne 3400 From: Tim Date: Sun Jul 22, 2001 10:06pm Subject: Standard message formats? I'm searching for documentation regarding standard message formats used by different world governments for different communications. The whys and the whats are what i'm most interested in, but other info would be great. Example: The US Navy uses the following standard message format for ship-to-ship communication (low-bandwidth) 0000Z/CRITIC FROM blah blah TO blah blah You get the idea. Thanks, Tim 3401 From: Miguel Puchol Date: Mon Jul 23, 2001 0:55pm Subject: RE: Standard message formats? Hi Tim, The WUN (Worldwide Utility News) is a great source of information regarding all types of comms (specialising in HF modes). Take a look at www.wunclub.com They have a very good FAQ on digital modes. All the best, Mike > -----Mensaje original----- > De: Tim [mailto:amnis@p...] > Enviado el: lunes, 23 de julio de 2001 5:07 > Para: tscm-l@yahoogroups.com > Asunto: [TSCM-L] Standard message formats? > > > I'm searching for documentation regarding standard message formats used > by different world governments for different communications. > > The whys and the whats are what i'm most interested in, but other info > would be great. > > Example: > > The US Navy uses the following standard message format for ship-to-ship > communication (low-bandwidth) > > 0000Z/CRITIC > > FROM blah blah > TO blah blah > > You get the idea. > > Thanks, > Tim > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > 3402 From: Dave Emery Date: Mon Jul 23, 2001 7:18pm Subject: Spread spectrum by military On Sun, Jul 22, 2001 at 01:25:39AM -0700, Jack Miller wrote: > Any one knows what type of modulation do military > people use? I am sure they should be more than just > the standard FM and AM modulation!! That is a very broad question. Army units in the field have traditionally used 30-74 mhz nbfm, but recently a lot of that gear has been replaced with SINGCARS radios which can also do frequency hopped digital modes with encryption. Hopping patterns can include tens or hundreds of frequencies with modulation on each hop being some form of GMSK I believe (? not sure I remember whether it is GMSK or something else correctly). In addition to SINGCARS, the military has various cell like systems such as MSE - this is secure digital with some level of frequency hopping. Low level military tactical units (platoon level) have recently been fooling around with modified FRS radios for low cost short range coordination between individual troops - these are simple nbfm. And lots of military units use more or less standard civilian type nbfm and secure FSK voice (DES-XL, Fascinator, Indictor, etc) VHF and UHF handheld radios, both in conventional direct and repeater configurations and increasingly in state of the art Astro digital (and mixed digital and analog) trunked systems - including such systems on board Navy carriers and other large ships. On HF in addition to the traditional SSB voice and FSK crypto RTTY, there is now the ANDVT secure digital voice system which uses 39 tone parallel tone data modulation in a SSB voice channel to transmit 2400 baud secure encrypted vocoded voice and data. And lots of 39 tone and 16 tone parallel tone high speed data and serial tone (PSK) high speed (2400 and 4800 baud) data as well. There are also systems that do narrowband and wideband freqeuncy hopping on HF including complex wideband signals 50 khz or more wide - these can supply substantial data rates when conditions are right in NVIS applications. Most military aircraft communication remains AM in VHF (136-144 primarliy) and the traditional 225-400 mhz band, but here too there is available digital signalling and encryption using AM digital modulation (KY-58). And for some time frequency hopping (Have Quick) has been available on UHF with ten or twenty or more hopping channels in the hopping set. Military tactical satcom in UHF (240-310 mhz) is almost all encrypted digital, using filtered FSK, BPSK, and QPSK with and without Forward Error Correction. Much of this is now Demand Assigned Multiple Access (DAMA) with actual transmissions being in timed bursts under control of a master station. As for systems used for higher level communications, much military satcom (DSCS and Milstar) is direct sequence spread spectrum using cryptographic spreading sequences generated from random keys, some of these systems also do frequency hopping. The military, particularly the Navy, also makes considerable use of commercial satcom on commercial satellites using modern QPSK digital modulation with Forward Error Correction to link most larger Navy ships back to shore with Internet (and SIPRNET and INTELINK) and multiple secure digital voice circuits. And tactical data distribution is done with hopped DS spread spectrum signals in L band (JTIDS and Link 16). And various classified systems for control of and return of intelligence from remote vehicles and sensors use a variety of exotic wideband modulations. So the answer to your question is yes, they use virtually every modulation scheme ever fielded somewhere for something. > > Also is Spread Spectrum Modulation (FH, TH ...) > interceptable and breakable? Yes. It becomes very difficult to usefully intercept FH if the hopping patterns are cryptographicly random and the number of hop frequencies in the hopping set is large. Not, however, impossible using lots of processing power if the signal to noise ratio of the signal is good. Intercepting direct sequence spread spectrum and recovering the underlying (digital) modulation requires knowing the spreading sequence. Thus if this is cryptographicly random such interception is essentially impossible without knowlage of the key. Detecting the signal and determining the raw chipping sequence is readily possible given sufficient signal to noise ratio as most DS signals look like very fast BPSK, but detecting such signals many db under the wideband noise floor where they are still readible to legitimate receivers that know the spreading sequence can of course be very challenging. Both FH and DS signals that use known or breakable or guessable hop and/or spreading sequences - such as almost all consumer devices that use spread spectrum - are quite readily interceptable with suitable gear and signal processing software. Needless to say traditional scanners or other receivers aren't much use, but this does not mean that such interception is impossible for those with the right equipment - and anyone evaluating the security such devices should always remember that at the very minimum the devices themselves - which are usually dirt cheap - can receive the signals, so it really does not take tens or hundreds of K of gear if one does things right. > > thanks > > ===== > ======================================= > Jack Miller > Researcher > Paython and Co. > ======================================= ----- End forwarded message ----- -- Dave Emery N1PRE, die@d... DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18 3403 From: Craig Snedden Date: Tue Jul 24, 2001 6:45am Subject: Re: Standard message formats? Tim, Something of a specialist subject of mine. Contact me off list with some idea of what you are looking for. Generally there are simply "variations on a theme" and once you know what you are looking at, realising the format is relatively straightforward. Craig craig@d... ----- Original Message ----- From: "Tim" To: Sent: Monday, July 23, 2001 4:06 AM Subject: [TSCM-L] Standard message formats? > I'm searching for documentation regarding standard message formats used > by different world governments for different communications. > > The whys and the whats are what i'm most interested in, but other info > would be great. > > Example: > > The US Navy uses the following standard message format for ship-to-ship > communication (low-bandwidth) > > 0000Z/CRITIC > > FROM blah blah > TO blah blah > > You get the idea. > > Thanks, > Tim > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ The data contained herein is confidential. Unauthorised dissemination of the contents of this e-mail may be in breach of Criminal and Civil law and may lead to prosecution. 3404 From: James M. Atkinson Date: Wed Jul 25, 2001 11:55am Subject: Performance Evaluations THESE QUOTES WERE TAKEN FROM ACTUAL CORPORATE PERFORMANCE EVALUATIONS. 1. "Since my last report, this employee has reached rock bottom and has started to dig." 2. "I would not allow this employee to breed." 3. "This associate is really not so much of a has-been, but more of a definitely won't be." 4. "This young lady has delusions of adequacy." 5. "Works well when under constant supervision and cornered like rat in a trap." 6. "When she opens her mouth, it seems that this is only to change whichever foot was previously in there." 7. "He sets low personal standards and then consistently fails to achieve them." 8. "This employee is depriving a village somewhere of an idiot." 9. "This employee should go far - and the sooner he starts, the better." THESE ARE ACTUAL LINES FROM MILITARY PERFORMANCE APPRAISALS 1. Got into the gene pool while the lifeguard wasn't watching. 2. A room temperature IQ. 3. Got a full 6-pack, but lacks the plastic thingy to hold it all together. 4. A gross ignoramus -- 144 times worse than an ordinary ignoramus. 5. A photographic memory but with the lens cover glued on. 6. As bright as Alaska in December. 7. Gates are down, the lights are flashing, but the train isn't coming. 8. He's so dense, light bends around him. 9. If he were any more stupid, he'd have to be watered twice a week. 10. It's hard to believe that he beat a 1,000,000 other sperm. 11. Takes him 2 hours to watch 60 minutes. 12. Wheel is turning, but the hamster is dead. -- ------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------------- 3405 From: Miguel Puchol Date: Wed Jul 25, 2001 4:41pm Subject: Nigerian scam, round II Hi all, From the following page... http://www.goldhaven.com/scam_page/Nigerian1.htm quoted: "Any approach should be reported to the local police with all documents received being handed in. The local police can refer the matter to their INTERPOL National Central Bureau (NCB), who will in turn notify the Nigerian Federal Police." ...regarding the Nigerian scams. So now you know. I still keep a letter sent to us about 8 years ago, as something funny and laughable, aswell as the horrendous print of Nigerian stamps, that seem to be handpainted by kindergarten atendees. BTW James, the quotes from the performance evals got me ROTFL :-) All the best, Mike 3406 From: James M. Atkinson Date: Thu Jul 26, 2001 0:28pm Subject: New Tutorial Online I have a new tutorial online that the list will find of interest. http://www.tscm.com/TSCM102sweepgear.html -jma -- ------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------------- 3407 From: James M. Atkinson Date: Thu Jul 26, 2001 8:56pm Subject: Get Off The fence Hey Folks, I don't mean to beat a dead horse, but if you are on the fence about grabbing up an OSCOR, ORION, or related accessories you need to do so very soon. The prices jump almost 10% on all orders placed after next Tuesday, so if your on the fence you would do well to get your order submitted ASAP... you have the next three business days. -jma -- ------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------------- 3408 From: Marvin Date: Thu Jul 26, 2001 4:28pm Subject: Laser tapping thingy I've heard about a kind of device that's supposedly been in use a fair deal. I don't know what to call it but it would tap a location by, through optical means, picking up vibrations caused by sound in windows and other suitable objects near a conversation. Is it real, and how would it be detected? -- { marvin } 3409 From: Rob Muessel Date: Fri Jul 27, 2001 8:58am Subject: Re: Laser tapping thingy It's a nice concept. The laser beam, a continuous wave, strikes the windowpane, for example, and is reflected back off it. It is modulated by the mechnanical vibrations of the window. The beam is demodulated by the receive and, just like that, you have the room conversation. It works under controlled conditions and is very difficult to implement in the field. First, think of the vibration of the window. The beam will be modulated by all of the sound striking the window, not just the room conversation. This includes traffic noise, aircraft, and all other environmental sound. It also includes audio frequency mechanical vibrations carried by the building structure- HVAC blowers, plumbing, elevators, and lots of others. These all tend to mask the room audio and can be difficult to filter. There is also a matter of alignment of the device. The transmitter and receiver really have to be perpendicular to and at the same elevation as the window. The laser beam travels in a straight line and reflects off of the surface and an angle opposite that of the incidence. Think of triangulation of the transmitter and receiver as a banked pool shot, only in three dimensions, not just two. I'm not aware of any legitimate sources for this kind of device. CCS was advertising one a few years ago, but required a deposit of about $25000 if memory serves, before they'd make one. Have said all that, how do you detect one? If it's visible light which would be foolish to use, you'd see a small dot on the window and on some part of the room where the beam landed after passing through the window. If an infrared wavelength is used, detection depends on the wave length. Window glass is transmissive to near IR energy. A number of chip cameras are sensitive in the near IR region and could pinpoint the source. Performance is best at night. If used during the day, the camera should have a filter that block visible light. If the transmitter is in the mid and far IR regions, a device like Raytheon's Palm IR will do the same thing. But window glass is not transissive to these wavelengths, so the search must be made from the exterior of the building. Generally, though, laser listening is not real high on the list of real-life threats. -- Rob Muessel, Director email: rmuessel@t... TSCM Technical Services Phone: 203-354-9040 11 Bayberry Lane Fax: 203-354-9041 Norwalk, CT 06851 USA 3410 From: Marcelrf Date: Fri Jul 27, 2001 2:12am Subject: [Fwd: Urgent attention] Here is the old scam again............ -------- Original Message -------- Subject: Urgent attention Date: Fri, 27 Jul 2001 07:03:54 +0000 From: "Alhaji Idris Bagudu" To: idalibagudu@h... Alhaji Idris Ali Bagudu E-mail: idalibagudu@h... Kano - Nigeria. Dear Sir, May I briefly introduce myself to you. I am Idris Ali Bagudu the son of Alhaji Abubakar Atiku Bagudu a very close associate of the Abacha’s family the late Nigerian Military Head of State, General Sani Abacha who died on the 8th of June 1998. Ever since the death of the General, his family has been facing a lot of problems mostly with the present Civilian Government. Consequently his son (my friend) Mohammed Abacha has been under torture making a lot of confessions as regards valuables, money inclusive that his late father entrusted in his hand for safekeeping. The latest is his confession on the US$700,000,000.00(Seven Hundred Million United States Dollars) cash his late father gave him for safekeeping. Please check Newswatch Magazine of May 8th/15th, 2000 issue on [Website:http://www.newswatchngr.com/] to confirm the above story. Also the recent publication by THISDAY Newspaper on Thursday March 1st Edition, which London Court clear ways for more recovering of Abacha's family looted money. Please confirm this issue on website: http://www.thisdayonline.com/, click the Archive/2001/March 2001/Thursday March 1st. Being a very close friend of Mohammed Abacha, he sometime in 1999 shortly after his father’s death gave me US$60,000,000.00 (Sixty Million United States Dollars) to transfer out of the country. Normally, we (I and Mohammed Abacha) usually do such transaction, by first sending the money out by Cargo to a security company outside Nigeria, as photographic materials. And thereafter go to the security company for claim before transferring it to any bank of our choice. Presently, I cannot travel out of Nigeria, because, if you have gone through the above mentioned website address, you will see how Mohammed Abacha’s confession have implicated my father and in fact the whole of my family (The Bagudu’s). This has actually caused the Federal Government of Nigeria to confiscate our international passports, frozen every of my family member bank accounts both home and abroad, even our properties. My problem now is, since Mohammed Abacha has started confessing I want someone that can assist me to move the US$60,000,000.000 (Sixty Million United State Dollars) out from Nigeria, before Mohammed will open up to the Security Agents. To this regard I am soliciting for your assistance to claim the boxes containing the money in any country outside Nigeria where I can arrange and move the money to. I shall be ready to negotiate with you any percentage you might want from the sum. On your advice, I shall be ready to invest my own share of the sum in your country. I assure you that there will be no problems at all in the course of moving out the money. I shall give you details as soon as you accept assisting me. Please kindly contact me on my e-mail:idalibagudu@h.... I shall so much appreciate your immediate response for full details of the business. Thanking you in anticipation to your kind understanding and cooperation. Please when replying send me your private telephone and fax numbers. You can reply to the mail address above. Best Regards, Alhaji Idris Ali Bagudu. _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp 3411 From: Ray Van Staden Date: Thu Jul 26, 2001 11:15pm Subject: INTERCEPTION & MONITORING BILL - SOUTH AFRICA The South African government wants to pass a bill called the "Interception and monitoring bill". http://www.polity.org.za/govdocs/pr/2001/pr0718c.html INTERCEPTION AND MONITORING BILL Issued by: Parliament of the Republic of South Africa 18 July 2001 Press statement issued by Adv. Johnny de Lange, MP and Chairperson of the Portfolio Committee on Justice & Constitutional Development. The Interception and Monitoring Bill has been introduced in Parliament and is referred to the Portfolio Committee on Justice and Constitutional Development for consideration. The Bill aims to regulate the interception and Monitoring of certain communications; to provide for interception of postal articles and communications and for the monitoring of communications in the case of a serious offence or if the security or other compelling national interests of the republic are threatened; to prohibit the provision of certain telecommunication services which do not have the capacity to be monitored; to regulate authorised telecommunications monitoring; and to provide for matters connected therewith. If any person or organisation would like to make written representations on the Interception and Monitoring Bill he or she should do so by no later than 13 August 2001. Anyone who would like to give further oral evidence to the Committee in regard to his or her written submissions should notify the Committee by no later than 13 August 2001. If the need should arise public hearings will provisionally be scheduled to take place during the third term of parliament in 2001. The Committee requests all persons and institutions that wish to send submissions to make 30 copies available to the Committee, if possible. It should be pointed out that the Committee reserves the right to decide: Whether or not to hold public hearings on the Bill Whether or not to give individuals or representatives of organisations the opportunity to appear before it, and The date, time, venue, duration and form of the hearing. All correspondence in this regard should be addressed to: The Secretary to Parliament PO Box 15 Cape Town 8000 All correspondence should be marked for the attention of Collette Herzenberg or Zodwa Zenzile (fax 021-462 2142). Copies of the Bill may, upon availability, be obtained from Ms Herzenberg and Ms Zenzile. Issued by Adv Johnny de Lange, MP Contact Zodwa Zenzile (izenzile@p...) Tel: 021-403 3660 Collette Herzenberg (cherzenberg@p...) Tel: 021-403 3669 --- From the desk of Raymond van Staden Van Staden and Associates cc Tel: +27 (0)31 916-1262 Fax: +27 (0)31 916-1263 Email: raymond@v... Internet: http://www.vanstaden.co.za 3412 From: Steve Uhrig Date: Fri Jul 27, 2001 11:48am Subject: Re: Urgent attention Once upon a midnight dreary, Marcelrf pondered, weak and weary: > Here is the old scam again............ > May I briefly introduce myself to you. I am Idris Ali Bagudu the > son of Alhaji Abubakar Atiku Bagudu a very close associate of the > Abacha’s family the late Nigerian Military Head of State, General > Sani Abacha who died on the 8th of June 1998. Anyone active in international operations, or probably just the web in general anymore, sees several of these a week. It's just a waste of time and bandwidth to keep commenting on them. The same as all the virus warnings. Please, no more references to these scams. They're news to no one anymore. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 3413 From: James M. Atkinson Date: Fri Jul 27, 2001 5:51pm Subject: PROPOSED VIRGINIA TSCM COUNTERINTELLIGENCE APPLICATION Due to all the requests for information regarding TSCM permits in the various state here is the following proposed application form. --------------------------------- PROPOSED VIRGINIA TSCM COUNTERINTELLIGENCE APPLICATION Last name: ________________ First name: (Check appropriate box) [_] Billy-Bob [_] Bobby-Sue [_] Billy-Joe [_] Bobby-Jo [_] Billy-Ray [_] Bobby-Ann [_] Billy-Sue [_] Bobby-Lee [_] Billy-Mae [_] Bobby-Ellen [_] Billy-Jack [_] Bobby-Beth Ann Sue Age: ____ (if unsure, guess) Sex: ____ M _____ F _____ Not sure Shoe Size: ____ Left ____ Right ____ Middle Occupation: [_] Farmer [_] Mechanic [_] Hair Dresser [_] Waitress [_] Un-employed [_] Dirty Politician Spouse's Name: __________________________ 2nd Spouse's Name: __________________________ 3rd Spouse's Name: __________________________ Lover's Name: __________________________ 2nd Lover's Name: __________________________ Relationship with spouse: [_] Sister [_] Aunt [_] Brother [_] Uncle [_] Mother [_] Son [_] Father [_] Daughter [_] Cousin [_] Pet Number of children living in household: ___ Number of children living in shed: ___ Number of children that are yours: ___ Mother's Name: _______________________ Father's Name: _______________________(If not sure, leave blank) Education: 1 2 3 4 (Circle highest grade completed) Do you [_] own or [_] rent your mobile home? (Check appropriate box) Vehicles you own and where you keep them: ___ Total number of vehicles you own ___ Number of vehicles that still crank ___ Number of vehicles in front yard ___ Number of vehicles in back yard ___ Number of vehicles on cement blocks Firearms you own and where you keep them: ____ truck ____ kitchen ____ bedroom ____ bathroom ____ shed Model and year of your pickup: _____________ 194__ Do you have a gun rack? [_] Yes [_] No; If no, please explain: Newspapers/magazines you subscribe to: [_] The National Enquirer [_] The Globe [_] TV Guide [_] Soap Opera Digest [_] Rifle and Shotgun ___ Number of times you've seen a UFO ___ Number of times you've seen Elvis ___ Number of times you've seen Elvis in a UFO ___ Number of times you've pretended to be Elvis How often do you bathe: [_] Weekly [_] Monthly [_] Not Applicable How many teeth? ___ Color of teeth: [_] Yellow [_] Brownish-Yellow [_] Brown [_] Black [_] N/A Brand of chewing tobacco you prefer: [_] Red-Man How far is your home from a paved road? [_] 1 mile [_] 2 miles [_] don't know How often are black helicopters flying over your trailer? [_] hourly [_] daily [_] weekly [_] don't know because they're stealth helicopters Do signs near you have covert NATO maps on them yet? [_] no [_] yes Is your telephone tapped by the government? [_] no [_] yes [_] yes, because my line voltage is under 46 volts [_] yes, because the government told me so [_] yes, because Elvis told me so [_] don't know What is the current national wiretap test number? [_] (800) 692-6447 [_] (703) 351-2505 [_] (800) 432-6600 [_] (202) 231-8857 [_] don't know What is touch tone code to deactivate or cancel a wiretap? [_] 1157 [_] 2222 [_] 1166 [_] *89 [_] don't know What TSCM training have you completed? [_] two week course (expert course) [_] one week course (required basic course) [_] half day certification course [_] one day seminar during Soldier of Fortune convention [_] taught TSCM by Elvis while abducted by aliens [_] what training What TSCM equipment do you own? [_] digital voltmeter [_] CPM-700 [_] linemans craft set [_] linemans tone generator [_] linemans tone tracer [_] punch tool [_] spy shop bug and wiretap detector [_] universal bug and wiretap detector [_] what equipment -- ------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------------- 3414 From: Jack Miller Date: Sat Jul 28, 2001 6:07am Subject: tapping fiber optic cables!! Are fiber optic cables tappeble with out cutting the cable and inserting something in between? is there a similar method like with copper wires were you use induction to tap it? thanks ===== ======================================= Jack Miller Researcher Paython and Co. ======================================= __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ 3415 From: James M. Atkinson Date: Sat Jul 28, 2001 11:54am Subject: Re: tapping fiber optic cables!! Jack, Yes, fiber optic cables can be very easily tapped my creating a micro-crack in the cladding and simply collecting the light that bleeds out with a purpose built adapter. Fiber optic cables an also be easily tapped buy removing a small amount of cladding and fusing a secondary fiber to the target line. Such a tap would not break the target line, but a loss measurement would note a sub 1dB variation in the signal. In fact a common pieces of fiber optic called a "LID" of "Local Signal Injection and Detection" does just that where a non interfering test signal in pushed into a cable (without breaking it), and then measured some distance out to see how a segment of cable behaves. The cleanest way is to cut the line, insert a splitter (wave-guide division multiplexer), and thus minimize signal loss. -jma At 4:07 AM -0700 7/28/01, Jack Miller wrote: >Are fiber optic cables tappeble with out cutting the >cable and inserting something in between? is there a >similar method like with copper wires were you use >induction to tap it? > > >thanks > >===== >======================================= >Jack Miller >Researcher >Paython and Co. >======================================= -- ------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------------- 3416 From: Dave Emery Date: Sat Jul 28, 2001 1:12pm Subject: Re: tapping fiber optic cables!! On Sat, Jul 28, 2001 at 12:54:26PM -0400, James M. Atkinson wrote: > Jack, > > Yes, fiber optic cables can be very easily tapped my creating a > micro-crack in the cladding and simply collecting the light that > bleeds out with a purpose built adapter. > Generally if you bend a fiber with a sharp enough bend some light will leak out of it in the vicinty of the bend. I am not sure whether the physical mechanism here is micro-cracks in the cladding or more fundementatlly related to the electromagnetics of the fiber cladding waveguide, but I do know that there are standard jig devices that clamp on a fiber and bend it in a controlled radius - these allow recovery of enough light light to make measurements of fiber characteristics and identify particular fibers in a bundle. In fact there are handheld devices for doing this in the field - 1 khz modulated light is stuffed in one end of a fiber and the lineman are able to trace it all the way to the other end by clamping the fiber in the handheld device and listening for the tone on a speaker - these devices also can detect normal traffic on the fiber and indicate they found that rather than the tone. > Fiber optic cables an also be easily tapped buy removing a small > amount of cladding and fusing a secondary fiber to the target line. > Such a tap would not break the target line, but a loss measurement > would note a sub 1dB variation in the signal. > This is more or less the standard approach as I understand it... > In fact a common pieces of fiber optic called a "LID" of "Local > Signal Injection and Detection" does just that where a non > interfering test signal in pushed into a cable (without breaking it), > and then measured some distance out to see how a segment of cable > behaves. > > The cleanest way is to cut the line, insert a splitter (wave-guide > division multiplexer), and thus minimize signal loss. But the cut line will set off alarms... > > -jma > > > > At 4:07 AM -0700 7/28/01, Jack Miller wrote: > >Are fiber optic cables tappeble with out cutting the > >cable and inserting something in between? is there a > >similar method like with copper wires were you use > >induction to tap it? > > > > > >thanks > > > >===== > >======================================= > >Jack Miller > >Researcher > >Paython and Co. > >======================================= > > > -- > > ------------------------------------------------------------------------------------------------- > James M. AtkinsonPhone: (978) 381-9111 > Granite Island GroupFax: > 127 Eastern Avenue #291http://www.tscm.com/ > Gloucester, MA 01931-8008jmatk@tscm.com > ------------------------------------------------------------------------------------------------- > The First, The Largest, The Most Popular, and The Most Complete TSCM, > Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. > ------------------------------------------------------------------------------------------------- > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > -- Dave Emery N1PRE, die@d... DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18 3417 From: Gordon Mitchell Date: Sun Jul 29, 2001 0:05am Subject: Re: tapping fiber optic cables!! Microcracks only cause fiber breakage, not light leakage. By the time a crack gets from the surface of a 125 micron diameter fiber to the region in the center (typically 10 micron diameter) where light is the fiber is broken! 'most all fibers in use today are single mode (they really guide 2 hybrid modes but are still called single mode). In these fibers the difference in core and cladding refractive index is small, the fibers typically have a numerical aperture of about 0.1. Because of this low NA bending does cause losses. When the fiber is bent with a radius of a cm or so lots of light leaks out. Half a dozen wraps around a pencil will cause loss of virtually all the light in the fiber. This light is lost from guided modes to the radiation spectrum. It strikes the clad/buffer interface and subsequently any cabling. Small count cables often fibers are often surrounded by hytrel, a bit of kevlar and IR transparent jackets. This allows the light to leak out inefficiently. The light injection and detection systems discussed below don't actually work in these circumstances they need access to the buffer. Of course normal telco fiber cables (with more than 100 fibers) are not easily tapped by bending. There are a number of schemes used for alarming fibers. This is not normally done in commercial applications. The simplest uses an optical time domain reflectometer. It sends a pulse of light down the fiber and watches Rayleigh scattering from the silica. The scattered light will sharply decrease at a bend... sometimes a reflection will be induced if the bend is sharp. Other alarming schemes observe basic characteristics of the fiber that are sensitive disturbances which would remove light. Fiber tapping is not quite as simple as putting a sniffer on a slow 100 MB ethernet cable. It requires a high speed system to manage the received information. Since an eavesdropper can cause damage with imperfect information he can work with less light than the intended recipient. An eavesdropper with a 10^-3 bit error rate is a significant threat whereas normal systems want better than a 10^9 bit error rate. This combined with the attenuation of the fiber means that an intruder near the transmitter doesn't need a large fraction of the light to steal information. This is why just monitoring received end signal strength is not an effective alarm. Fibers have a significant advantage over wires, however. An intruder must touch the fiber to get light out. That means that a physical inspection is more valuable for fiber systems than for wires carrying sensitive information. Gordon Mitchell Electronic eavesdropping detection & finding clues in computers. (425) 489-0446 Dave Emery wrote: > > On Sat, Jul 28, 2001 at 12:54:26PM -0400, James M. Atkinson wrote: > > Jack, > > > > Yes, fiber optic cables can be very easily tapped my creating a > > micro-crack in the cladding and simply collecting the light that > > bleeds out with a purpose built adapter. > > > Generally if you bend a fiber with a sharp enough bend some > light will leak out of it in the vicinty of the bend. I am not sure > whether the physical mechanism here is micro-cracks in the cladding or > more fundementatlly related to the electromagnetics of the fiber > cladding waveguide, but I do know that there are standard jig devices > that clamp on a fiber and bend it in a controlled radius - these allow > recovery of enough light light to make measurements of fiber > characteristics and identify particular fibers in a bundle. In fact > there are handheld devices for doing this in the field - 1 khz modulated > light is stuffed in one end of a fiber and the lineman are able to trace > it all the way to the other end by clamping the fiber in the handheld > device and listening for the tone on a speaker - these devices also can > detect normal traffic on the fiber and indicate they found that rather > than the tone. > > > Fiber optic cables an also be easily tapped buy removing a small > > amount of cladding and fusing a secondary fiber to the target line. > > Such a tap would not break the target line, but a loss measurement > > would note a sub 1dB variation in the signal. > > > This is more or less the standard approach as I understand it... > > > In fact a common pieces of fiber optic called a "LID" of "Local > > Signal Injection and Detection" does just that where a non > > interfering test signal in pushed into a cable (without breaking it), > > and then measured some distance out to see how a segment of cable > > behaves. > > > > The cleanest way is to cut the line, insert a splitter (wave-guide > > division multiplexer), and thus minimize signal loss. > > But the cut line will set off alarms... > > > > > -jma > > > > > > > > At 4:07 AM -0700 7/28/01, Jack Miller wrote: > > >Are fiber optic cables tappeble with out cutting the > > >cable and inserting something in between? is there a > > >similar method like with copper wires were you use > > >induction to tap it? > > > > > > > > >thanks > > > > > >===== > > >======================================= > > >Jack Miller > > >Researcher > > >Paython and Co. > > >======================================= > > > > > > -- > > > > ------------------------------------------------------------------------------------------------- > > James M. Atkinson Phone: (978) 381-9111 > > Granite Island Group Fax: > > 127 Eastern Avenue #291 http://www.tscm.com/ > > Gloucester, MA 01931-8008 jmatk@tscm.com > > ------------------------------------------------------------------------------------------------- > > The First, The Largest, The Most Popular, and The Most Complete TSCM, > > Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. > > ------------------------------------------------------------------------------------------------- > > > > > > ======================================================== > > TSCM-L Technical Security Mailing List > > "In a multitude of counselors there is strength" > > > > To subscribe to the TSCM-L mailing list visit: > > http://www.yahoogroups.com/community/TSCM-L > > > > or email your subscription request to: > > subTSCM-L@t... > > =================================================== TSKS > > > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > > -- > Dave Emery N1PRE, die@d... DIE Consulting, Weston, Mass. > PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18 > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 3418 From: Talisker Date: Sun Jul 29, 2001 6:54am Subject: Re: tapping fiber optic cables!! Jack In my limited experience cutting the fibres sets of an alarm, which is then reset and ignored. Every kind of tap I know involves cutting the cladding which reduces the light received at the distant end, this in itself will either set of an alarm with the correct fibre transceiver or will be detected the next time you run an Optical Time Domain Reflectometer (OTDM) over it. What I'm trying to say is that your tap could be detected therefore why not use something designed for the purpose ie http://www.shomiti.com/products/taps/index.html Though as I mentioned in my first sentence a temporary cut or a small detected dB loss may be ignored. Happy Tapping! -andy http://www.networkintrusion.co.uk Talisker's Network Security Tools List Security Tools Notification http://groups.yahoo.com/group/security-tools/join ----- Original Message ----- From: "Jack Miller" To: Sent: Saturday, July 28, 2001 12:07 PM Subject: [TSCM-L] tapping fiber optic cables!! > Are fiber optic cables tappeble with out cutting the > cable and inserting something in between? is there a > similar method like with copper wires were you use > induction to tap it? > > > thanks > > ===== > ======================================= > Jack Miller > Researcher > Paython and Co. > ======================================= > > __________________________________________________ > Do You Yahoo!? > Make international calls for as low as $.04/minute with Yahoo! Messenger > http://phonecard.yahoo.com/ > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > 3419 From: Talisker Date: Sun Jul 29, 2001 0:54pm Subject: Re: tapping fiber optic cables!! deeper Apologies for my last mail, it was poorly explained, by way of an excuse I was camping with 2,500 scouts last night and the rascals didn't let me sleep I should have said that many fibre transceivers can be set to alarm if the signal drops by a preset level, as a matter of course signal levels degrade for a variety of reasons from wear and tear, x-rays in hospitals to rodents etc. A net admin dealing with hundreds of such links soon falls victim to a multitude of false positives and ignores them, only reacting to dead links. Even with dead links they occasionally come back to life after resetting the line driver card. Therefore if you were to tap a link through refracting some of the signal out, it may be ignored, but by the same token cutting the line inserting a tap may also be ignored. I seem to be concentrating on attack methods, so what can you do to counter the problem. Give the net admin sufficient time to investigate all alarms, and introduce severe penalties for not doing so, better still pass such alarms to a network security guy. When the fibres are installed make sure you retain the OTDR printouts, then schedule periodic OTDR repeats and compare the two. The printout will tell you how much and where the fibre throughput has altered. As the printout will be a measurement it's also crucial to have a precise plan from the installers of which route it takes. eg 5 dB loss 150Metres from term A. This will allow you to go directly to (ish) to the spot. If your data is so valuable, then use transparent trunking and ensure the trunking is visible throughout the run, this is very aesthetically displeasing but effective for policing the run. If this is still unclear please let me know, or if you think I'm talking **** take care -andy http://www.networkintrusion.co.uk Talisker's Network Security Tools List Security Tools Notification http://groups.yahoo.com/group/security-tools/join ----- Original Message ----- From: "Talisker" To: ; "Jack Miller" Sent: Sunday, July 29, 2001 12:54 PM Subject: Re: [TSCM-L] tapping fiber optic cables!! > Jack > > In my limited experience cutting the fibres sets of an alarm, which is then > reset and ignored. Every kind of tap I know involves cutting the cladding > which reduces the light received at the distant end, this in itself will > either set of an alarm with the correct fibre transceiver or will be > detected the next time you run an Optical Time Domain Reflectometer (OTDM) > over it. > > What I'm trying to say is that your tap could be detected therefore why not > use something designed for the purpose ie > http://www.shomiti.com/products/taps/index.html > > Though as I mentioned in my first sentence a temporary cut or a small > detected dB loss may be ignored. > > Happy Tapping! > > -andy > http://www.networkintrusion.co.uk > Talisker's Network Security Tools List > > Security Tools Notification > http://groups.yahoo.com/group/security-tools/join > ----- Original Message ----- > From: "Jack Miller" > To: > Sent: Saturday, July 28, 2001 12:07 PM > Subject: [TSCM-L] tapping fiber optic cables!! > > > > Are fiber optic cables tappeble with out cutting the > > cable and inserting something in between? is there a > > similar method like with copper wires were you use > > induction to tap it? > > > > > > thanks > > > > ===== > > ======================================= > > Jack Miller > > Researcher > > Paython and Co. > > ======================================= > > > > __________________________________________________ > > Do You Yahoo!? > > Make international calls for as low as $.04/minute with Yahoo! Messenger > > http://phonecard.yahoo.com/ > > > > > > > > ======================================================== > > TSCM-L Technical Security Mailing List > > "In a multitude of counselors there is strength" > > > > To subscribe to the TSCM-L mailing list visit: > > http://www.yahoogroups.com/community/TSCM-L > > > > or email your subscription request to: > > subTSCM-L@t... > > =================================================== TSKS > > > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > > > > > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > 3420 From: Mike Dever Date: Mon Jul 30, 2001 11:56am Subject: Products for Protection of Fibre Optic Cables Members of the group might be interested to check out the following web site for products which can protect Fibre Optic cables against interference: http://www.fft.com.au Regards Mike Dever CPP Canberra Australia [Non-text portions of this message have been removed] 3421 From: Date: Sun Jul 29, 2001 4:53pm Subject: **ALERT: Code Red Is Set to Come Storming Back!** SANS Security Alert. Code Red Is Set to Come Storming Back! SANS, Microsoft, the NIPC, CERT/CC and four other leading security organizations released the following alert today at 4 pm. EDT. A Very Real and Present Threat to the Internet: July 31 Deadline For Action Summary: The Code Red Worm and mutations of the worm pose a continued and serious threat to Internet users. Immediate action is required to combat this threat. Users who have deployed software that is vulnerable to the worm (Microsoft IIS Versions 4.0 and 5.0) must install, if they have not done so already, a vital security patch. How Big Is The Problem? On July 19, the Code Red worm infected more than 250,000 systems in just 9 hours. The worm scans the Internet, identifies vulnerable systems, and infects these systems by installing itself. Each newly installed worm joins all the others causing the rate of scanning to grow rapidly. This uncontrolled growth in scanning directly decreases the speed of the Internet and can cause sporadic but widespread outages among all types of systems. Code Red is likely to start spreading again on July 31st, 2001 8:00 PM EDT and has mutated so that it may be even more dangerous. This spread has the potential to disrupt business and personal use of the Internet for applications such as electronic commerce, email and entertainment. Who Must Act? Every organization or person who has Windows NT or Windows 2000 systems AND the IIS web server software may be vulnerable. IIS is installed automatically for many applications. If you are not certain, follow the instructions attached to determine whether you are running IIS 4.0 or 5.0. If you are using Windows 95, Windows 98, or Windows Me, there is no action that you need to take in response to this alert. What To Do If You Are Vulnerable? a. To rid your machine of the current worm, reboot your computer. b. To protect your system from re-infection: Install Microsoft's patch for the Code Red vulnerability problem: Windows NT version 4.0: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=30833 Windows 2000 Professional, Server and Advanced Server: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=30800 Step-by-step instructions for these actions are posted at www.digitalisland.net/codered Microsoft's description of the patch and its installation, and the vulnerability it addresses is posted at: http://www.microsoft.com/technet/treeview/default.asp?url= /technet/security/bulletin/MS01-033.asp Because of the importance of this threat, this alert is being made jointly by: Microsoft The National Infrastructure Protection Center Federal Computer Incident Response Center (FedCIRC) Information Technology Association of America (ITAA) CERT Coordination Center SANS Institute Internet Security Systems Internet Security Alliance Bill Schneid Criminologist Director of Special Operations GLOBAL PROJECTS, LTD. Investigative Research Analysts Marina del Rey, California 310.314.8760 http://globalprojectsltd.com