From cfleming@pressroom.com Wed Jan 3 16:49:54 2001 Date: Wed, 3 Jan 2001 11:49:54 -0500 From: Charles M. Fleming cfleming@pressroom.com Subject: [NASSLUG] Bluesky Proceedings Reply-To: The Blue Sky Discussion seems to have produced interest about the use of Linux in NASS. I have received some inquiries since then about joining the mailing list. Phil Zellers prefers that the Proceedings of the Blue Sky Discussion be circulated over the NASS Bulletin Board. I plan to work up an html and PDF versions of the proceedings. A Postscript version exists already but the graphics are in color which makes the printing of it a long process; it takes about 30 minutes to make a paper copy of the Proceedings. Nonetheless, I can easily make a copy having no graphics. Stop by my office: 5867 for a copy or call me at: 202-690-8820. I will not have an opportunity to create a version suitable for display on the web page until next week. When it is finished, perhaps we can inform others in the Agency of its existence. The essays that comprise the Proceedings are well done and they deserve to be disseminated. Mike From jameson@coost.com Wed Jan 3 18:02:26 2001 Date: Wed, 03 Jan 2001 13:02:26 -0500 From: Jameson C. Burt jameson@coost.com Subject: [NASSLUG] NSA codes "Secure Linux", Russians use Egghead credit card numbers The National Security Agency (NSA) released to the open source community the code for their "Secure Linux" project. The story can be found in January 3, 2001, of http://www.linuxtoday.com, or more specifically, http://linuxtoday.com/news_story.php3?ltsn=2001-01-03-001-21-SC-HE-SV (though email might make this latter URL unuseable). While one wouldn't want to use this NSA code directly, some of it will probably be incorporated by Linux developers. The NSA action represents government's need for secure operating systems. Within the military, there are numerous computers that are prohibited from having any commercial software. These actions by the military might be reflected in last month's Russian entry into Microsoft. Microsoft stated that they thought little code had been removed. That statement reminds me of Egghead/Onsale's email to me two weeks ago stating that their computers had been compromised, but "We have no information at this time to suggest that any credit card information has been compromised" Last week, I looked at my Indiana credit union account online, noticing a $10.50 charge from Global Telecom, Moscow I notified my credit union of this bogus credit card charge, for which they sent me a complaint form. Today my credit union informed me that they have hundreds of these charges appearing just in their credit union. All their credit card numbers had been used before with Egghead. Two years ago, I felt computer security was oversold by those who never saw internet's openness and useability in the mid-1980's. But with stories like the above and the nightly parade of attacks on nasslug.org, I now sit down for a security match (like a checkers match) every night. This week, I have seen others computers taken over, then their computers used to try cracking into nasslug.org. The logs in nasslug.org show attacks on ports 111 (remote procedure call), 23 (telnet), 21 (ftp), ... I have seen hijacked computers controlled by the same user with the same trail from numerous countries: Russia (of course!), Israel (Russian emigrees?), Korea, Hong Kong, Poland, US, ... I sent logs to the CERT security center and informed those who oversaw the involved IP numbers. If you have a DSL or a cable connection at home, you can presume you're getting probed nightly. For some perspective, if there are 300 million computer users and only 1 in 10,000 tries to crack into others' computers, that would represent 30,000 crackers. And since crackers use prewritten scripts that can attack a million computers a night [I wrote a script that querried the whois DNS registry 500,000 times a day], expect them trying to breach your computer. We can all thank NSA for its contributions to computer security. -- Jameson C. Burt, NJ9L Fairfax, Virginia, USA jameson@coost.com http://www.coost.com (202) 690-0380 (work) You can only find truth with logic if you have already found truth without it. -- G.K. Chesterton From cfleming@pressroom.com Fri Jan 5 23:37:45 2001 Date: Fri, 05 Jan 2001 18:37:45 -0500 From: cfleming@pressroom.com cfleming@pressroom.com Subject: [NASSLUG] HTML Editor I found a discussion of HTML editors on the DCLUG mailing list. One promising editor is Bluefish. It was highly recommended and of the little time I spent investigating it, Bluefish may be worth studying. Here is a brief discription of Bluefish: Description: A Gtk+ HTML editor Bluefish is a GTK HTML editor for the experienced web designer. It is currently in alpha stage, but still usable. Its features include nice wizards for startup, tables and frame; a fully featured image insert dialog; and thumbnail creation and automatically linking of the thumbnail with the original image. . For validation to work you need weblint. For preview to work, you need a web browser that can view local files given to it on the command line. Mike From cfleming@pressroom.com Tue Jan 9 23:37:26 2001 Date: Tue, 09 Jan 2001 18:37:26 -0500 From: cfleming@pressroom.com cfleming@pressroom.com Subject: [NASSLUG] Re: NASSLUG.org closing this weekend: management request Jim, I am sorry that nasslug.org is being shut down. The reasons for creating it are well founded. Of course, if nasslug.org is owned by a private concern little can be done to stop its broadcast, so to speak. Funny, there are LUG's associated with high schools and univerities which flourish. Count me in on a govlug.org site. Mike