lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <200308041419.h74EJV6b021127@idoru.cybermancer.org>
From: orochford at cybermancer.org (Orochford)
Subject: Microsoft win2003server phone home

Hello,
the subject has been discussed thoroughly for years, inclusing in court
rooms and legal disputes.
And if you use (and pay) for a product, you should be aware of the darn
license agreement.
Otherwise, don'tbe surprised if you one day sign away your kidney and first
born to B.Gates.

RTFM

oliver rochford


--------- Original Message --------
From: Gaurav Kumar <gaurav@...labs.com>
To: manohar singh <seclistaddress@...oo.com>
Cc: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Microsoft win2003server phone home
Date: 04/08/03 09:44

>
> jeeesus,
>
> where's the manager? someone throw these kiddies out
> puhleese.
>
> u call me script kiddie, may i know if u r not?
> r u  master of internet securitiy technologies?
> i hope one learns by studying some material and then try of its own. did
all
> the knowledge u have was acquired automatically?probably not.
>
> will you read the license agreement to the part where
> it talks about the update ?
>
> the agreement says the info will be sent to microsoft. r u sure?
> how does it establish identity without using any digital certificate.
>
> we are here to learn and grow. not to fight.
>
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> Gaurav Kumar
> Chief Information Security Analyst
>
> E2 Labs Information Security Pvt. Ltd.
> Road no. 3 , Banjara Hills
> Hyderbad-34
> AP
> India
>
> gaurav@...labs.com
> www.e2-labs.com
>
> Phone(s)-
> Mobile      +91 40 31068650
> Tele/Fax   +91 40 23555942 (ext-24)
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> ----- Original Message -----
> From: &quot;manohar singh&quot; &lt;seclistaddress@...oo.com&gt;
> To: &quot;Gaurav Kumar&quot; &lt;gaurav@...labs.com&gt;
> Cc: &lt;full-disclosure@...ts.netsys.com&gt;
> Sent: Monday, August 04, 2003 5:52 PM
> Subject: Re: [Full-Disclosure] Microsoft win2003server phone home
>
>
> jeeesus,
>
> where's the manager? someone throw these kiddies out
> puhleese.
>
> will you read the license agreement to the part where
> it talks about the update ?
>
> !
>
> Gaurav Kumar &lt;gaurav@...labs.com&gt; wrote: 1. Is this
> behavior normal for a windows server installation ?
> i think that this behavour is normal bcoz as u analyse
> that session u will get to know that server is trying
> to update something
>
> 2. Could this behavior be considered as a violation
> of privacy ?
> this surely a case of violation of privacy as it is
> not mentioned in agreement. go ahead, sue micro$oft.
>
> 3. Could it be considered as a security risk to let
> a newly installed server,
> request information from an arbitrary server that I
> have no control over ?
> yes its a security risk bcoz it is not even using pki
> to establish identity of the server.
>
>
> Gaurav Kumar
>
> Chief Information Security Analyst
> E2 Labs Information Security Pvt. Ltd.
> Hyderbad-34
> AP
> India
>
> Phone(s)-
> Mobile +91 40 31068650
> Tele/Fax +91 40 23555942 (ext-24)
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> ----- Original Message ----- From: &quot;gyrniff&quot;
> &lt;b240503@...niff.dk&gt;
> To: &lt;full-disclosure@...ts.netsys.com&gt;
> Sent: Monday, August 04, 2003 3:27 PM
> Subject: [Full-Disclosure] Microsoft win2003server
> phone home
>
>
>
> &gt; After acquiring and installing a copy of 'Windows
> Server 2003 Standard Edition
> &gt; 180-Day Evaluation' I walked through the 'role
> wizard', used the 'custom
> &gt; role config' and selected everything ;-)
> &gt; After reboot the server made two POST request to
> microsoft controlled
> &gt; webserveres without any notification. One request to
> activex.micrisoft.com
> &gt; and one to codecs.microsoft.com, the data posted to
> the two severs was the
> &gt; same. (See the request and responds below.)
> &gt;
> &gt; I can find no information in the license agreement
> about giving away
> &gt; 'information' behind my back.
> &gt;
> &gt; My question:
> &gt; 1. Is this behavior normal for a windows server
> installation ?
> &gt; 2. Could this behavior be considered as a violation
> of privacy ?
> &gt; 3. Could it be considered as a security risk to let
> a newly installed server,
> &gt; request information from an arbitrary server that I
> have no control over ?
> &gt;
> &gt; ****
> &gt;
> &gt; Posted data to activex.microsoft.com:
> &gt; POST /objects/ocget.dll HTTP/1.1
> &gt; Accept: application/x-cabinet-win32-x86,
> application/x-pe-win32-x86,
> &gt; application/octet-stream, application/x-setupscript,
> */*
> &gt; Content-Type: application/x-www-form-urlencoded
> &gt; Accept-Language: da
> &gt; Accept-Encoding: gzip, deflate
> &gt; User-Agent: Mozilla/4.0 (compatible; MSIE 6.0;
> Windows NT 5.2; .NET CLR
> &gt; 1.1.4322)
> &gt; Host: activex.microsoft.com
> &gt; Content-Length: 44
> &gt; Connection: Keep-Alive
> &gt; Cache-Control: no-cache
> &gt;
> &gt; CLSID={FC7D9E02-3F9E-11D3-93C0-00C04F72DAF7}
> &gt;
> &gt; The reply:
> &gt; HTTP/1.1 404 Object Not Found
> &gt; Server: Microsoft-IIS/5.0
> &gt; Date: Sun, 03 Aug 2003 09:48:38 GMT
> &gt; Connection: close
> &gt; Content-Type: text/html
> &gt; Content-Length: 102
> &gt;
> &gt;
&lt;html&gt;&lt;head&gt;&lt;title&gt;Error&lt;/title&gt;&lt;/head&gt;&lt;body&gt;The
> system cannot find the file
> &gt; specified. &lt;/body&gt;&lt;/html&gt;
> &gt;
> &gt; ***
> &gt;
> &gt; Postede data to codecs.microsoft.com
> &gt; POST /isapi/ocget.dll HTTP/1.1
> &gt; Accept: application/x-cabinet-win32-x86,
> application/x-pe-win32-x86,
> &gt; application/octet-stream, application/x-setupscript,
> */*
> &gt; Content-Type: application/x-www-form-urlencoded
> &gt; Accept-Language: da
> &gt; Accept-Encoding: gzip, deflate
> &gt; User-Agent: Mozilla/4.0 (compatible; MSIE 6.0;
> Windows NT 5.2; .NET CLR
> &gt; 1.1.4322)
> &gt; Host: codecs.microsoft.com
> &gt; Content-Length: 44
> &gt; Connection: Keep-Alive
> &gt; Cache-Control: no-cache
> &gt;
> &gt; CLSID={FC7D9E02-3F9E-11D3-93C0-00C04F72DAF7}
> &gt;
> &gt; And the reply:
> &gt; HTTP/1.1 404 Not Found
> &gt; Connection: close
> &gt; Date: Sun, 03 Aug 2003 09:47:54 GMT
> &gt; Server: Microsoft-IIS/6.0
> &gt; P3P:
> policyref=&quot;http://www.microsoft.com/w3c/p3p.xml&quot;
> CP=&quot;ALL IND DSP COR ADM
> &gt; CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo
> CNT COM INT NAV ONL PHY PRE
> &gt; PUR UNI&quot;
> &gt; X-Powered-By: ASP.NET
> &gt;
> &gt;
> &gt; /Gyrniff
> &gt;
> &gt; _______________________________________________
> &gt; Full-Disclosure - We believe in it.
> &gt; Charter:
> http://lists.netsys.com/full-disclosure-charter.html
> &gt;
>
>
> __________________________________
> Do you Yahoo!?
> SBC Yahoo! DSL - Now only $29.95 per month!
> http://sbc.yahoo.com
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
>

www.aspire2write.com ...writers Number1 resource
________________________________________________
....www.goddamn-inter.net

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ