Re: [Cryptocollectors] STU III 2500
On Thu, 11 Jan 2007 06:30:08 -0500 Richard Brisson [EMAIL PROTECTED] wrote: Good morning all, Available to those in the U.S., STU-III 2500 with manual and AC adapter (and perhaps even a key in the plastic bag but it's not stated nor obvious) on eBay: 330073910569 It appears to be a Type 2 encryptor (sensitive-but-unclassified traffic), according to http://packetstormsecurity.org/apoc2k/cue/comsec --Steve Bellovin, http://www.cs.columbia.edu/~smb - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: [Cryptocollectors] STU III 2500
Richard Brisson wrote: Good morning all, Available to those in the U.S., STU-III 2500 with manual and AC adapter (and perhaps even a key in the plastic bag but it's not stated nor obvious) on eBay: 330073910569 This is the first auction I've looked at where eBay is anonymizing the bidder list. It's probably a general policy, but interesting that the first one I saw was for crypto gear. -- Roy M. Silvernail is [EMAIL PROTECTED], and you're not It's just this little chromium switch, here. - TFT CRM114-procmail-/dev/null-bliss http://www.rant-central.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: A web site that believes in crypto
On Wed, Jan 10, 2007 at 06:31:21PM -0500, Steven M. Bellovin wrote:
I just stumbled on a web site that strongly believes in crypto --
*everything* on the site is protected by https. If you go there via
http, you receive a Redirect. The site? www.cia.gov:
$ telnet www.cia.gov 80
Trying 198.81.129.100...
Connected to www.odci.gov.
Escape character is '^]'.
GET / HTTP/1.0
HTTP/1.0 301 Found
Location: https://www.cia.gov/
Their public email gateways don't believe in crypto nearly as much as
cs.columbia.edu does.
$ for d in cia.gov cs.columbia.edu; do
echo; dig +sho -t mx $d | sort +0n |
tee /dev/tty |
perl -lne 'm{(\S+)\.$} print $1' |
while read h; do echo; smtp-finger -t [$h] $d 21 |
perl -lne 'print unless (/^-{5}BEGIN/ .. /^-{5}END/);'; done; done
5 mail2.ucia.gov.
10 mail1.ucia.gov.
smtp-finger: Connected to mail2.ucia.gov[198.81.129.148]:25
smtp-finger: 220 mail2b.ucia.gov ESMTP
smtp-finger: EHLO amnesiac.ms.com
smtp-finger: 250-mail2b.ucia.gov
smtp-finger: 250-8BITMIME
smtp-finger: 250 SIZE 104857600
smtp-finger: Connected to mail1.ucia.gov[198.81.129.68]:25
smtp-finger: 220 mail1a.ucia.gov ESMTP
smtp-finger: EHLO amnesiac.ms.com
smtp-finger: 250-mail1a.ucia.gov
smtp-finger: 250-8BITMIME
smtp-finger: 250 SIZE 104857600
100 cs.columbia.edu.
200 ober.cs.columbia.edu.
200 opus.cs.columbia.edu.
smtp-finger: Connected to cs.columbia.edu[128.59.16.20]:25
smtp-finger: 220 cs.columbia.edu ESMTP Sendmail (8.12.10/22/jtt/sed/ib42)
is thrilled to serve you at Sat, 13 Jan 2007 13:27:13 -0500 (EST).
smtp-finger: EHLO amnesiac.ms.com
smtp-finger: 250-cs.columbia.edu Hello amnesiac.ms.com [192.0.2.1],
pleased to meet you
smtp-finger: 250-ENHANCEDSTATUSCODES
smtp-finger: 250-PIPELINING
smtp-finger: 250-EXPN
smtp-finger: 250-VERB
smtp-finger: 250-8BITMIME
smtp-finger: 250-SIZE 2500
smtp-finger: 250-DSN
smtp-finger: 250-ETRN
smtp-finger: 250-STARTTLS
smtp-finger: 250-DELIVERBY
smtp-finger: 250 HELP
smtp-finger: STARTTLS
smtp-finger: 220 2.0.0 Ready to start TLS
smtp-finger: certificate verification failed for
cs.columbia.edu[128.59.16.20]:25: untrusted issuer /C=US/O=Equifax Secure
Inc./CN=Equifax Secure Global eBusiness CA-1
smtp-finger: TLSv1 connection to
cs.columbia.edu(cs.columbia.edu[128.59.16.20]:25) with cipher
DHE-RSA-AES256-SHA (256/256 bits)
smtp-finger: EHLO amnesiac.ms.com
smtp-finger: 250-cs.columbia.edu Hello amnesiac.ms.com [192.0.2.1],
pleased to meet you
smtp-finger: 250-ENHANCEDSTATUSCODES
smtp-finger: 250-PIPELINING
smtp-finger: 250-EXPN
smtp-finger: 250-VERB
smtp-finger: 250-8BITMIME
smtp-finger: 250-SIZE 2500
smtp-finger: 250-DSN
smtp-finger: 250-ETRN
smtp-finger: 250-AUTH PLAIN LOGIN
smtp-finger: 250-DELIVERBY
smtp-finger: 250 HELP
smtp-finger: Unverified: subject_CN=cs.columbia.edu, issuer=Equifax Secure
Global eBusiness CA-1
smtp-finger: Server session id:
8EA8B66A9DCCA0903BF75B7FC71316CE201330A0B1B09114FB6BE15E25AA9827
smtp-finger: Common Name: cs.columbia.edu: matched
---
Certificate chain
0
s:/C=US/O=cs.columbia.edu/OU=https://services.choicepoint.net/get.jsp?GT1305/OU=See
www.geotrust.com/quickssl/cps (c)04/OU=Domain Control Validated - This is a
GeoTrust QuickSSL Premium(R) Certificate/CN=cs.columbia.edu
i:/C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusiness CA-1
smtp-finger: Connected to ober.cs.columbia.edu[128.59.18.100]:25
smtp-finger: 220 ober.cs.columbia.edu ESMTP Sendmail
(8.12.10/22/jtt/sed/ib42) is thrilled to serve you at Sat, 13 Jan 2007 13:27:14
-0500 (EST).
smtp-finger: EHLO amnesiac.ms.com
smtp-finger: 250-ober.cs.columbia.edu Hello amnesiac.ms.com [192.0.2.1],
pleased to meet you
smtp-finger: 250-ENHANCEDSTATUSCODES
smtp-finger: 250-PIPELINING
smtp-finger: 250-EXPN
smtp-finger: 250-VERB
smtp-finger: 250-8BITMIME
smtp-finger: 250-SIZE 2500
smtp-finger: 250-DSN
smtp-finger: 250-ETRN
smtp-finger: 250-STARTTLS
smtp-finger: 250-DELIVERBY
smtp-finger: 250 HELP
smtp-finger: STARTTLS
smtp-finger: 220 2.0.0 Ready to start TLS
smtp-finger: certificate verification failed for
ober.cs.columbia.edu[128.59.18.100]:25: untrusted issuer /C=US/O=Equifax Secure
Inc./CN=Equifax Secure Global eBusiness CA-1
smtp-finger: TLSv1 connection to
ober.cs.columbia.edu(ober.cs.columbia.edu[128.59.18.100]:25) with cipher
DHE-RSA-AES256-SHA (256/256 bits)
smtp-finger: EHLO amnesiac.ms.com
smtp-finger: 250-ober.cs.columbia.edu Hello amnesiac.ms.com [192.0.2.1],
pleased to meet you
smtp-finger: 250-ENHANCEDSTATUSCODES
smtp-finger: 250-PIPELINING
smtp-finger: 250-EXPN
smtp-finger: 250-VERB
smtp-finger:
Re: Banking Follies
Citibank send me periodic reminders to switch to an electronic-only statement so that I am better protected against identity theft. John Cleese saying explain the logic underlying this conclusion in the cheese shop sketch comes to mind... The return address for the email message, although appearing to be from citibank.com, is linked to a black hole or some other information sink. /ji - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
SSL Server needs access to raw HTTP data (Request for adivce)
Hello, I was hoping someone on this list could provide me with a link to a tool that would enable me to dump the raw HTTP data from a web request that uses SSL/HTTPS. I have full access to the server, but not to the client, and I want to know exactly/precisely what the client is transmitting. I've considered a few options, including eg... using apache_request_header() from php Need to have php installed as module, which I don't. Also, not sure it would give me the complete RAW stream that I want and didn't want to waste my time installing a test server if it wasn't going to fully work. eg... tried using openssl s_server -accept 443 -WWW -debug -msg This option didn't seem to display/dump the raw HTTP stream. I could not locate an option that would enable seeing this information. I've been searching google for hours for some sort of tool to no avail. If I don't find a reasonable/quick option, my next solution is going to be to hack the s_server.c file from openssl and add the necessary statements to dump the desired stream. I'm not too excited about this option, but I suppose if that's the best option I have, then so be it. :) Thanks in advance for any advice. Richard - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Molecular Keypad Lock
http://www.sciencedaily.com/releases/2007/01/070108094028.htm - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: SSL Server needs access to raw HTTP data (Request for adivce)
Am Samstag, den 13.01.2007, 19:03 -0800 schrieb Richard Powell: I was hoping someone on this list could provide me with a link to a tool that would enable me to dump the raw HTTP data from a web request that uses SSL/HTTPS. I have full access to the server, but not to the client, and I want to know exactly/precisely what the client is transmitting. I think http://www.rtfm.com/ssldump/ should do the job. But this only works in some configurations. signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: [Cryptocollectors] STU III 2500
On 13 Jan 2007, at 16:33, Roy M. Silvernail wrote: Richard Brisson wrote: Good morning all, Available to those in the U.S., STU-III 2500 with manual and AC adapter (and perhaps even a key in the plastic bag but it's not stated nor obvious) on eBay: 330073910569 This is the first auction I've looked at where eBay is anonymizing the bidder list. It's probably a general policy, but interesting that the first one I saw was for crypto gear. The first one I saw was the one for the USSR Mig-21: http://cgi.ebay.com/ebaymotors/MiG-21F-USSR-Military- Aircraft_W0QQitemZ120071699871QQihZ002QQcategoryZ26428QQrdZ1QQcmdZViewIt em -- Rui Paulo - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: [Cryptocollectors] STU III 2500
On 1/13/07, Roy M. Silvernail [EMAIL PROTECTED] wrote: This is the first auction I've looked at where eBay is anonymizing the bidder list. It's probably a general policy, but interesting that the first one I saw was for crypto gear. That's the eBay Private Listing option. Often used in auctions of adult materials. -- Taral [EMAIL PROTECTED] You can't prove anything. -- Gödel's Incompetence Theorem - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
