autox
[Top] [All Lists]

Re: Is This For Real or Phony?

To: "Mark Sirota" <msirota@isc.upenn.edu>, "Pat MacAvoy" <patmac@tridelta.com>
Subject: Re: Is This For Real or Phony?
From: "Matt Murray" <mattm@optonline.net>
Date: Fri, 4 Jun 1999 16:19:11 -0400
Just to amplifiy Mark's info a little bit:

>Subject: Re: Stanford Tracking Racist E-Mails
>
>A good article about the incident is here..
>
>
http://daily.stanford.org/Daily98-99/6-2-1999/news/NEWe-mail02.html
>
>   ..and another is here..
>
>   http://www.stanford.edu/dept/news/report/news/june2/email-62.html
>
>This is seemingly an instance of a "masquerade attack" wherein the
intended
>victim is the person who's account the email message apparently
originated
>from, and everyone who received the unsavory (in this case) message
are
>secondary victims.
>
>This isn't the only masquerade attack we've had, according to our
security
>officer, but it's the most visible (that I can recall).
>
>I won't be surprised to see this sort of attack become more pervasive
as more
>people figure out how easy it is to forge "plain" email messages. Of
course,
>strong-crypto-based integrity and attribution assurances will help
mitigate
>this, but we need the tools and infrastructure to support that to be
>pervasive. And that isn't going to happen soon given the government's
current
>stance toward crypto.
>
>Jeff
Matt Murray

mailto:mattm@optonline.net
mailto:mdmurray@gwns.com

-----Original Message-----
From: Mark Sirota <msirota@isc.upenn.edu>
Subject: Re: Is This For Real or Phony?


>This is off-topic, but I'm responding in an effort to stem the rising
>tide of off-topic posts.  Speaking authoritatively here:
>
>Richard is right -- most web sites log the date, time, and IP address
>for every page visited.  They do this primarily to track what's being
>viewed, and to a smaller extent, who's viewing it (probably only
>looking at the top-level domain, e.g. "com", "edu", "gov", "mil",
"org",
>"net", etc.)  They generate summary reports showing how popular the
>site is, mostly for marketing and sizing purposes.
>
>Paul Foster expressed discomfort that sites were storing your IP
>address -- this is more difficult for them to do, and most don't,
>unless you actually give it to them.
>
>Pat is correct about DHCP and dynamic addressing, but your ISP also
>keeps a log of what user is connected to what IP address, so if the
>ISP and web provider worked together, they could certainly determine
>who was looking at what, and when.
>
>Still, it's really not worth worrying about.  The only time such
effort
>would be expended is if there is a break-in of some kind, or the FBI
>subpoenaed the records, or something like that.  In practice,
providers
>don't have the time or motive to bother with this kind of detail.
>
>Mark
>


<Prev in Thread] Current Thread [Next in Thread>