[unisog] Fake Windows-Update Site

Daniel G. Epstein depstein at uchicago.edu
Wed Jun 25 22:27:01 GMT 2003

Hash: SHA1

On Wed, Jun 25, 2003 at 10:48:04AM -0500, Harris, Michael C. wrote:
> I think Daniel Epstein was cross posting from the
> intrusinons at incidents.org list but I was unable to open his PGP
> message, my apologies for the extra noise to those of you on both
> lists. here is the general detail.

No, I was directly posting to UNISOG (I don't read
intrusions at incidents.org).  However, it does seem that I used an expired
key (687100B7) instead of my current one (2ECF2EBD), my apologies.  I
can't think of why it wouldn't open for you, other than that your mail
reader does not conform to RFC 2015 regarding pgp/mime and you would
therefore need to have opened the attachment and verified the signature
manually.  However, the info you posted is roughly what I posted as
well.  I have signed this message with the correct key and in a format
that can be read by legacy mail readers such as Outlook. :)



- -- 

A boast of "I have been's,"  | Daniel G. Epstein
quoted from foolscap tomes,  | Network Security Officer,
is a shadow brushed away     | Network Security Center
by an acorn from an oak tree | NSIT, The University of Chicago 
or a salmon in a pool.       | depstein at uchicago.edu

GnuPG public keys available from http://pgp.mit.edu/
or http://security.uchicago.edu/centerinfo/pgpkeys.shtml
Version: GnuPG v1.0.6 (SunOS)
Comment: For info see http://www.gnupg.org


More information about the unisog mailing list