Full Disclosure mailing list archives
Re: Microsoft win2003server phone home
From: "Orochford" <orochford () cybermancer org>
Date: Mon, 4 Aug 2003 14:19:31 -0000
Hello,

the subject has been discussed thoroughly for years, including in court rooms and legal disputes. And if you use (and pay) for a product, you should be aware of the darn license agreement. Otherwise, don't be surprised if you one day sign away your kidney and first born to B.Gates.

RTFM

oliver rochford

--------- Original Message --------
From: Gaurav Kumar <gaurav () e2-labs com>
To: manohar singh <seclistaddress () yahoo com>
Cc: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Microsoft win2003server phone home
Date: 04/08/03 09:44

jeeesus, where's the manager? someone throw these kiddies out puhleese.

u call me script kiddie, may i know if u r not? r u master of internet security technologies? i hope one learns by studying some material and then try of its own. did all the knowledge u have was acquired automatically? probably not.

will you read the license agreement to the part where it talks about the update ?

the agreement says the info will be sent to microsoft. r u sure? how does it establish identity without using any digital certificate. we are here to learn and grow. not to fight.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Gaurav Kumar
Chief Information Security Analyst
E2 Labs Information Security Pvt. Ltd.
Road no. 3 , Banjara Hills
Hyderbad-34 AP India
gaurav () e2-labs com
www.e2-labs.com
Phone(s)-
Mobile +91 40 31068650
Tele/Fax +91 40 23555942 (ext-24)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

----- Original Message -----
From: "manohar singh" <seclistaddress () yahoo com>
To: "Gaurav Kumar" <gaurav () e2-labs com>
Cc: <full-disclosure () lists netsys com>
Sent: Monday, August 04, 2003 5:52 PM
Subject: Re: [Full-disclosure] Microsoft win2003server phone home

jeeesus, where's the manager? someone throw these kiddies out puhleese.

will you read the license agreement to the part where it talks about the update ? !

Gaurav Kumar <gaurav () e2-labs com> wrote:

1. Is this behavior normal for a windows server installation ?
i think that this behaviour is normal bcoz as u analyse that session u will get to know that server is trying to update something
2. Could this behavior be considered as a violation of privacy ?
this surely a case of violation of privacy as it is not mentioned in agreement.
go ahead, sue micro$oft.
3. Could it be considered as a security risk to let a newly installed server, request information from an arbitrary server that I have no control over ?
yes its a security risk bcoz it is not even using pki to establish identity of the server.

Gaurav Kumar
Chief Information Security Analyst
E2 Labs Information Security Pvt. Ltd.
Hyderbad-34 AP India
Phone(s)-
Mobile +91 40 31068650
Tele/Fax +91 40 23555942 (ext-24)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

----- Original Message -----
From: "gyrniff" <b240503 () gyrniff dk>
To: <full-disclosure () lists netsys com>
Sent: Monday, August 04, 2003 3:27 PM
Subject: [Full-disclosure] Microsoft win2003server phone home

> After acquiring and installing a copy of 'Windows Server 2003 Standard Edition
> 180-Day Evaluation' I walked through the 'role wizard', used the 'custom
> role config' and selected everything ;-)
> After reboot the server made two POST requests to microsoft controlled
> webservers without any notification. One request to activex.microsoft.com
> and one to codecs.microsoft.com, the data posted to the two servers was the
> same. (See the request and response below.)
>
> I can find no information in the license agreement about giving away
> 'information' behind my back.
>
> My question:
> 1. Is this behavior normal for a windows server installation ?
> 2. Could this behavior be considered as a violation of privacy ?
> 3. Could it be considered as a security risk to let a newly installed server,
> request information from an arbitrary server that I have no control over ?
>
> ****
>
> Posted data to activex.microsoft.com:
> POST /objects/ocget.dll HTTP/1.1
> Accept: application/x-cabinet-win32-x86, application/x-pe-win32-x86,
> application/octet-stream, application/x-setupscript, */*
> Content-Type: application/x-www-form-urlencoded
> Accept-Language: da
> Accept-Encoding: gzip, deflate
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR
> 1.1.4322)
> Host: activex.microsoft.com
> Content-Length: 44
> Connection: Keep-Alive
> Cache-Control: no-cache
>
> CLSID={FC7D9E02-3F9E-11D3-93C0-00C04F72DAF7}
>
> The reply:
> HTTP/1.1 404 Object Not Found
> Server: Microsoft-IIS/5.0
> Date: Sun, 03 Aug 2003 09:48:38 GMT
> Connection: close
> Content-Type: text/html
> Content-Length: 102
>
> <html><head><title>Error</title></head><body>The system cannot find the file
> specified. </body></html>
>
> ***
>
> Posted data to codecs.microsoft.com
> POST /isapi/ocget.dll HTTP/1.1
> Accept: application/x-cabinet-win32-x86, application/x-pe-win32-x86,
> application/octet-stream, application/x-setupscript, */*
> Content-Type: application/x-www-form-urlencoded
> Accept-Language: da
> Accept-Encoding: gzip, deflate
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR
> 1.1.4322)
> Host: codecs.microsoft.com
> Content-Length: 44
> Connection: Keep-Alive
> Cache-Control: no-cache
>
> CLSID={FC7D9E02-3F9E-11D3-93C0-00C04F72DAF7}
>
> And the reply:
> HTTP/1.1 404 Not Found
> Connection: close
> Date: Sun, 03 Aug 2003 09:47:54 GMT
> Server: Microsoft-IIS/6.0
> P3P: policyref="http://www.microsoft.com/w3c/p3p.xml" CP="ALL IND DSP COR ADM
> CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE
> PUR UNI"
> X-Powered-By: ASP.NET
>
>
> /Gyrniff
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
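
An added example, not part of any post in this thread: the two captured requests quoted above can be audited mechanically to see what the server disclosed. The script re-types the capture as sample input and checks that each body is exactly the 44-byte CLSID field that Content-Length declares, that no cookie or credential header rides along, and that both hosts received the same payload; the function and key names are this example's own.

```python
from urllib.parse import parse_qsl

# Request re-typed from the capture quoted in the thread (wrapped header lines
# joined); only the path and the Host header differ between the two requests.
TEMPLATE = (
    "POST {path} HTTP/1.1\r\n"
    "Accept: application/x-cabinet-win32-x86, application/x-pe-win32-x86, "
    "application/octet-stream, application/x-setupscript, */*\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Accept-Language: da\r\n"
    "Accept-Encoding: gzip, deflate\r\n"
    "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; "
    ".NET CLR 1.1.4322)\r\n"
    "Host: {host}\r\n"
    "Content-Length: 44\r\n"
    "Connection: Keep-Alive\r\n"
    "Cache-Control: no-cache\r\n"
    "\r\n"
    "CLSID={{FC7D9E02-3F9E-11D3-93C0-00C04F72DAF7}}"
)
CAPTURES = [
    TEMPLATE.format(host="activex.microsoft.com", path="/objects/ocget.dll"),
    TEMPLATE.format(host="codecs.microsoft.com", path="/isapi/ocget.dll"),
]

def audit_post(raw):
    """Report what one captured request discloses to the remote server."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    path = request_line.split(" ", 2)[1]
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    declared = int(headers.get("content-length", "0"))
    return {
        "target": headers.get("host", "") + path,
        "length_matches": declared == len(body.encode("latin-1")),
        "fields": dict(parse_qsl(body, keep_blank_values=True)),
        "has_cookie_or_auth": any(h in headers for h in ("cookie", "authorization")),
        "client_hints": {k: headers.get(k) for k in ("user-agent", "accept-language")},
    }

def same_payload(reports):
    """True when every request posted identical form fields."""
    return all(r["fields"] == reports[0]["fields"] for r in reports)

if __name__ == "__main__":
    print([audit_post(c) for c in CAPTURES], same_payload([audit_post(c) for c in CAPTURES]))
```

A `length_matches` of False on a real capture would mean the body was truncated or carries bytes beyond the visible form field, which is the case worth investigating further.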