Chaos Digest Mercredi 28 Avril 1993 Volume 1 : Numero 21
ISSN 1244-4901
Editeur: Jean-Bernard Condat (
[email protected])
Archiviste: Yves-Marie Crabbe
Co-Redacteurs: Arnaud Bigare, Stephane Briere
TABLE DES MATIERES, #1.21 (28 Avril 1993)
File 1--Liste des 36xx de France Telecom
File 2--_Securite Informatique '93_ (annonce)
File 3--Nouveau virus Mac: INIT-M
Chaos Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost by sending a message to:
[email protected]
with a mail header or first line containing the following informations:
X-Mn-Admin: join CHAOS_DIGEST
The editors may be contacted by voice (+33 1 47874083), fax (+33 1 47877070)
or S-mail at: Jean-Bernard Condat, Chaos Computer Club France [CCCF], B.P.
155, 93404 St-Ouen Cedex, France.
Issues of ChaosD can also be found on some French BBS. Back issues of
ChaosD can be found on the Internet as part of the Computer underground
Digest archives. They're accessible using anonymous FTP from:
* kragar.eff.org [192.88.144.4] in /pub/cud/chaos
* uglymouse.css.itd.umich.edu [141.211.182.91] in /pub/CuD/chaos
* halcyon.com [192.135.191.2] in /pub/mirror/cud/chaos
* ftp.cic.net [192.131.22.2] in /e-serials/alphabetic/c/chaos-digest
* ftp.ee.mu.oz.au [128.250.77.2] in /pub/text/CuD/chaos
* nic.funet.fi [128.214.6.100] in /pub/doc/cud/chaos
* orchid.csv.warwick.ac.uk [137.205.192.5] in /pub/cud/chaos
CHAOS DIGEST is an open forum dedicated to sharing French information among
computerists and to the presentation and debate of diverse views. ChaosD
material may be reprinted for non-profit as long as the source is cited.
Some authors do copyright their material, and they should be contacted for
reprint permission. Readers are encouraged to submit reasoned articles in
French, English or German languages relating to computer culture and
telecommunications. Articles are preferred to short responses. Please
avoid quoting previous posts unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Chaos Digest contributors
assume all responsibility for ensuring that articles
submitted do not violate copyright protections.
----------------------------------------------------------------------
From:
[email protected]
Date: 26 Apr 939 06:59:59 GMT
Subject: File 1--Liste des 36xx de France Telecom
Repost from:
[email protected]
All week, France Telecom added new direct services to the list of
special numbers beginning by {ZAB=} _36. This new "36" numbers are
available all over the French regions with some restrictions.
Following the list of all services available April 26th:
LIST OF 36PQ SERVICES
APRIL 26TH, 1993
Number Description of Provided Service
3600 Transpac access (1,200 baud/s)
3601 Transpac access (300 baud/s)
3602 Transpac access (2,400 & 4,800 baud/s)
3603 Transpac X.32
3605mcdu "Numero Vert" by Minitel (it's like the 800 phone
numbers but for X.25 computer access). FREE.
36062424 Asynchrounous computer access (300-2,400 baud/s)
360736du Reference PAVI (for X.25 services test procedures)
36086464 Synchronous Transpac access 64 kbit/s
3609mcdu Computer access for Alphapage (the French pager)
message delivery. {mcdu=} 0909 for a 80-characters
alpha-numeric message
3610 Automatic French access for calls using a "Carte
Pastel" (the equivalent of an MCI or AT&T phone
card, but with three options: (1) restricted access
for children able to phone only to 10 predefined
phone numbers; (2) national, and (3) international)
3612 Minicom, the France Telecom videotex mail system
directly linked with your phone number
3613 Videotex access Teletel 1
TTY access (no-business services)
3614 Videotex access Teletel 2
3615 Videotex access Teletel 3
3616 Videotex access, business services
3617 Videotex access, business services (high price)
3618 Minitel-to-Minitel communications (for blind peoples
for example)
3619 International Minitel services (phone directories, e.g.)
3621 ASCII standard access
3622 Teletel access for Germany, Belgium Italy, Luxembourg
and in a short time, all European countries
3623 Minitel--High Speed Access (2,400 baud/s and more)
3624mcdu Business X.25 access
3625mcdu Business X.25 access
3626mcdu Business X.25 access
3627mcdu Business X.25 access
3628mcdu Business X.25 access
3629mcdu Business X.25 access
3637 TV special abbreviated national phone number, like for
"Telethon 1993" action
3638mcdu ISDN France-Luxembourg
3642 Technician Position--FRANCE TELECOM (confidential)
36431111 International Phone Book
3644 DERAL (phone qualities parameters tests)--FRANCE
TELECOM (confidential)
3646 Configuration tests--FRANCE TELECOM (confidential)
3650 Direct voice phone operator for "Carte Pastel"
3653 Systeme Teletext-Telex
3655 Phoned telegrams
3656 Telegrams posted by Minitel
3658 France Telecom' customers local reclamation service
3659mcdu Local night phone information service
36606060 15-digit message for Alphapage
36616136 Operator's pager messages delivery service
3663mcdu Numero Azur (another type of tarification for extra
phone number: FRF 0.73 pro call without any restriction
regarding the call duration)
3664mcdu Audiotel, paided phone service
3665mcdu Audiotel, paided phone service: 5 UT (FRF 3.65 pro call)
3666mcdu Audiotel, paided phone service: MEDIA
3667mcdu Audiotel, paided phone service
3668mcdu Audiotel, paided phone service
3670mcdu Audiotel, paided phone service
3672 MemoPhone: public answering system (maximum 5 messages
of 30 secondes): FRF 1.46
3673mcdu MemoPhone between all French departements: {mcdu=} {mcmc=}
with {mc=} the departement postal code. For example, for
Paris, {mc=} 75.
3689mcdu Conference by phone (max. 25 persons)
3699 Voice clock
_____Jean-Bernard Condat_____
[Editor of _Chaos Digest_, the first computer security e-journal]
CCCF, B.P. 8005, 69351 Lyon Cedex 08, France
Phone: +33 1 47874083; Fax: +33 1 47877070
InterNet:
[email protected] or
[email protected]
------------------------------
Date: Thu, 22 Apr 93 18:02:45 -0500
From:
[email protected] (Samuel Celma )
Subject: File 2--_Securite Informatique '93_ (annonce)
5e manifestation annuelle
Securite Informatique '93
23-24 Septembre 1993, Maison de la Chimie, PARIS
(Maison de la Chimie, 28 rue Saint-Dominique, 75007 Paris
tel.: 47051073; fax: 45559862)
21-22 Juin 1993, Hotel Beau Rivage, GENEVE
(Hotel Beau Rivage, 13 quai du Mont-Blanc, CH-1201 Geneve
tel +41 22 731 02 21, fax: +41 22 738 98 47)
21 Bonnes Raisons de Participer a cette Manifestation
1. Determinez les directions dans lesquelles les structures europeennes vont
s'engager en matiere de securite informatique;
2. Apprenez a mettre en place et a gerer le suivi de votre politique de
securite;
3. Mesurez les couts et reussissez la negociation du budget securite avec
votre Direction Generale;
4. Faites le point sur les resultats de l'utilisation de la loi en matiere
de fraude informatique et anticipez les changements au niveau des
institutions europeennes;
5. Prenez conscience du suivi de l'enquete sur le terrain et des relations
indispensables entre le manager et les forces de l'ordre;
6. Evaluez le role de l'assurance et sa place dans une politique de securite;
7. Prenez part a une demonstration d'interactivite virale afin de mieux
comprendre les facons de gerer l'apres sinistre;
8. Determinez les moyens a mettre en oeuvre pour assurer a la fois Qualite
et securute;
9. Maitrisez les elements d'une mission securite des Echanges de Donnees
Informatisees;
10. Devenez l'expert securite de l'environnement UNIX de votre entreprise;
11. Maitrisez la gestion au quotidien d'une securite qui est primordiale a
la bonne sante de votre entreprise;
12. Tirez profit des etudes de cxas afin de baser vos futurs developpements
sur les conseils avertis d'utilisateurs;
13. Adaptez la securite informatique a votre societe, quelle que soit sa
taille, en profitant d'exploses concrets, destines aux entreprises de
dimensoin moyenne;
14. Ayez une longueur d'avance sur la concurrence en appliquant les principes
et les methodes de securisation de vos Systemes d'Information;
15. Developpez une strategie securite afin de parer a l'eventualite d'une
sous-traitance temporaire ou definitive de vos moyens informatiques;
16. Optimisez votre participation en choisissant a l'avance vos ateliers;
17. Beneficiez des syntheses d'atelier afin de maitriser l'aspect global de
la securite informatique;
18. Venez rencontrer vos homologues et debattre avec eux des metiers de la
securite informatique;
19. Beneficiez du dialogue offert par la table ronde pour reflechir en
interne, sur la formation des professionels de la securite des Systemes
d'Infomation;
20. Rencontrez les experts en securite informatique venus de Belgique, de
France et de Suisse pour prendre part a cet evenement annuel;
21. faites le bilan de vos competences pour palier les besoins de
securisation.
PREMIERE JOURNEE
8.30 Accueil des participants
9.00 Allocution d'ouverture du President
PARIS: Jean-Philippe JOUAS, Dir Surete & Protection, BULL
GENEVE: Jean-Luc CHAPPUIS, Pres. CLUSIS
9.15 Le Panorama de la Securite Informatique
- Quelles sont les normes europeennes qui vont changer le panorama
de la securite informatique?
- Quels sont les enjeux du programme Infosec?
Gerard BOUGET, Vice-Pres. FIASI
9.45 La methodologie d'un audit de securite du systeme d'information
- Approche et demarche de l'audit, de la methodologie a la pratique
- Presentation des resultats et bilans
Guy TOLLET, Internal Audit Manager, AG 1824
10.30 Pause cafe
10.45 Mise en oeuvre et evolution du schema directeur
- La mise en oeuvre, la gestion et son suivi
- Que faire pour que le schema directeur reflete la strategie de
l'entreprise?
- Comment apporter les modifications necessaires afin de suivre
l'evolution?
Guy POINAS, Responsable Qualite-Securite, FRAMATOME
11.30 Comment maintenir operationnels les moyens de sauvegarde et de secours
- La disponibilite des donnes et des moyens
- Actualisation des differents plans
- Quels sont les controles, audit et tests a realiser?
Alain REFFRAY, Pres. du Directoire, EXPLOITIQUE
12.15 Les couts de la securte: comment justifier un budger securite
informatique en periode de crise economique?
- Comptabilite analytique des couts: comment mesurer la rentabilite
de l'investissement securite?
- Comment chiffrer les besoins en securite informatique?
- La negociation avec la DG: quels sont les arguments a developper?
- Peut-on vendre le projet securite?
Luc GOLVERS, Pres. du CLUSIB
13.00 Dejeuner
14.45 Evolution des besoins en matiere de fraude informatique
- Etudes et resultats de l'utilisation de la loi de 1988
- Etat de la legislation dans les pays de la CEE
- Etat des projets au niveau des institutions europeennes
Jacques GODFRAIN, Depute de l'Aveyron, ASSEMBLEE NATIONALE
15.30 ATELIER LEGISLATION
Aspects Juridiques: Moyens de Prevention et sanctions
- Mesures de prevention pour assurer la securite du systeme
d'information
- Quels sont les recours et sanctions?
Alain BENSOUSSAN, Avocat, Cabinet Alain BENSOUSSAN
ATELIER ASSURANCE
Risk Management: Le financement de l'apres sinistre
- Les limites du transfert a l'assurance: garanties et capacites
financieres actuellement disponibles
- Les conditions d'une assurance adequate et fiable: comment etendre
le champ de l'assurable et eviter surprimes et sous-assurances
Yves MAQUET, Risk Manager Consultant, SUGMA RISK
& Gilbert FLEPP, Resp. Souscription Risques et Techn., CIGNA FRANCE
ATELIER REPRESSION
La demarche d'une enquete sur la fraude informatique
- L'ampleur du phenomene criminalite reelle, apparente et legale
- Les differents services repressifs: problematique et illustration
de l'enquete de Police
- Perspectives d'evolution de la deliquance informatique
PARIS: Christian MIRABEL, Chef Sect. Informatique, Brigade Financiere
Direction de la Police Judiciaire
GENEVE: Daniel CHEVALLEY, Brig. Fin., Police de Surete Vaudoise
16.15 Pause cafe
16.45 Synthese des Ateliers
17.15 Les virus informatiques: les enjeux de la securite post-contamination
- Comment aborder la demarche post-contamination
- La distinction entre detection/diagnostic et elimination/reparation
- Caracteristiques et risques de l'interactivite virale
Jean-Claude HOFF, Vice-Pres. Club Sec. Informatique Region Picardie
18.15 Allocution de cloture du President
18.30 Fin de la premiere journee
SECONDE JOURNEE
8.30 Accueil des participants
9.00 Allocution du President
PARIS: Luc GOLVERS, President du CLUSIB
GENEVE: Gerard BOUGET, FIASI
9.15 ATELIER SECURITE & EDI
Les enjeux specifiques a la securite des echanges de donnees
- Doit-on controler et auditer les systemes EDI?
Christophe CUSSAC, Expert Comptable, GUERARD VIALA
Les moyens de securite et de controle propres aux EDI
- Les possibilites de controle a l'interieur des messages et de l'EDI
- Utilisation des messages EDI specifiques pour assurer la securite
Juerg BRUN, Expert Comptable diplome, ATAG ERNST & YOUNG
ATELIER SECURITE D'UN PARC MICRO
Mesures de precaution et de recherche d'outils
- Le role du centre d'expertise de lutte anti-virus
- Presentation de differents moyens de sensibilisation
- Explication des differents outils
Pierre LESCOP, Resp. Div. Micro-Informatique et Anti-Virus, Serv.de
Recherche Tech., LA POSTE
Systemes de gestion et d'administration de la securite des reseaux
locaux
- Presentation des besoins pour la securite d'un Lan
- Mise en place d'un concept de securite
Christian SCHERRER, Dir., CW CONCEPTWARE
ATELIER SECURITE SOUS ENVIRONNEMENT UNIX
- Historique et principes: Unix est-il un OS passoire?
- Les failles les plus frequentes en environnement UNIX
- Les solutions additionnelles de niveau C2 et apercu d'un solution B1
- Les solutions a moyen terme pour une informatique distribuee
Loup GRONIER, Resp. Formation, CF6 AGENCE SECURITE
10.45 Pause cafe
11.15 Synthese des Ateliers
11.45 Etude de Cas
Qualite d'acces logique dans le cadre d'un reseau heterogene a la RATP
Christian PETITPAS, Resp. Securite des Syst. d'Inf., RATP
12.30 Dejeuner
14.15 ATELIER ENTREPRISES DE DIMENSION MOYENNE
De la therapie appliquee a un jeune etablissement financier en vue de
son immunisation contre les risques
- L'approche du generaliste
* L'examen clinique face a l'environnement "hostile"
* Les forces vitales a preserver
* Le traitement applique
- Les examens de controle du specialiste
- Le bilan de sante actuel
Bernard MALAN, Resp. Gestion Res. Techn., FIMAGEST
Comment aborder la demarche de choix d'un solution de backup
PARIS: Alan SILLITOE, Resp. Informatique, CHRISTIAN BERNARD DIFFUSION
GENEVE: Pierre DELETRAZ, Dir., COMPUTER SECURITY SITE S.A.
ATELIER INDUSTRIE
Les enjeux de la securite des systemes d'information dans un
environnement de production
- Introduction aux objectifs d'une entreprise industrielle
- La vulnerabilite des systemes d'information dans ce cadre
- Realisation, choix et perspectives
Jean-Louis SZUBA, Agent Cental de Sec. Inf., AEROSPACIALE
La Securite informatique dans un centre de recherche (Etude de Cas)
- La securite informatique et la protection du patrimoine
- Les moyens a la disposition des chercheurs
- Organisation de la securite; les procedures et les outils
Michel COMBE: Resp. Mission Sec., EDF-DIR ETUDES & RECHERCHES
ATELIER BANQUES
Le perimetre "Securite": Pourquoi un tableau de bord securite?
- Les connections (VTAM)
- Le logiciel de securite du systeme d'exploitation (RACF)
- Le referentiel de la securite applicative
PARIS: Bertrand de la RENAUDIE, Resp. Sec., BANQUE INDOSUEZ
GENEVE: Jacques BOURACHOT, Resp. Inf., BANQUE INDOSUEZ
Etudes de cas
PARIS: La demarche securite au CTR Nord-Est
- Etude securite et mesures prises
- L'acquis des experiences
Roger KNOCHEL, Resp. Securite, CTR NORD-EST, CAISSE D'EPARGNE
GENEVE: Organisation et gestion de la securite informatique dans un
contexte de facilities management
- Le FM et ses prestations dans un milieu bancaire
- Presentation d'un contexte operationnel
- Politique de securite: regles et responsabilites
- Les domaines de securite et leurs interactions
- Les impacts du FM sur la gestion et l'admin. de la securite
Raymond ROCHAT, Resp. Securite Inf., BANQUE CANTONALE VAUDOISE
15.45 Pause cafe
16.15 Qualite et securite, partenaires incontournables
- De quelle maniere peut-on conciler Qualite et Securite?
Gerard BOUGET, FIASI
17.00 Table ronde
Les metiers de la securite des systemes d'information
- Comment la structure peut-elle influencer la fonction?
- Jusqu'ou vont les responsabilites du Dir. des Syst. d'Inf. (DSI)
dans sa mission securite informatique
- Remise en cause de la fonction Dir. Sec. des Syst. d'Inf. (DSSI):
comment assurer une parfaite securite lorsqu'on assure plusieurs
missions DSI?
- Comment assurer la formation des professsionnels de la securite?
Animateur Paris: Luc Golvers. Avec: Rene KRAFT, CENCEP; Bernard
MALAN, FIMAGEST; Eddie SOULIER, CIGREF, & Jean VERGNOUX, RENAULT.
Animateur Geneve: Jean-Luc CHAPPUIS, CLUSIS. Avec: Bernard MALAN,
FIMAGEST; Jean MENTHONNEX, EPI INGENIEURS-CONSEILS S.A.; Raymond
ROCHAT, BANQU CANTONALE VAUDOISE.
18.30 Allocution de cloture du President
18.45 Fin de manifestation
| Inscrivez vous et envoyez le reglement avant le 23 Avril 1993 et |
|l'Institute for International Research vous offrira gracieusement l'ouvrage|
| |
|"Les virus, methodes et techniques de securite" de Jean-Claude HOFF (1992)|
------------------------------
Date: Thu, 22 Apr 93 18:02:45 -0500
From:
[email protected]
Subject: File 3--Nouveau virus Mac: INIT-M
New Macintosh Virus Discovered (INIT-M)
22 Apr 1993
Virus: INIT-M
Damage: Alters applications and other files; may severely damage
file system on infected Macs. See text below.
Spread: possibly limited, but has potential to spread quickly
Systems affected: All Apple Macintosh computers, under only System 7
The INIT-M virus was recently discovered at Dartmouth College, in a
file downloaded off the net. This is a DIFFERENT virus than the
INIT-17 virus announced April 12. It is a malicious virus that may
cause severe damage.
INIT-M rapidly spreads to applications, system extensions, documents
and preference files under System 7; it does not spread or activate on
System 6 systems. The virus spreads as the application files are run,
and is likely to spread extensively on an infected machine. The
infection is accomplished by altering existing program code. Besides
this incidental damage (that may, because of bugs in the virus code,
cause more severe damage), the virus also does extensive damage to
systems running on any Friday the 13th -- *not* just booted on that
day. Files and folders will be renamed to random strings, creation
and modification dates will be changed, and file creator and type
information will be scrambled. In some very rare circumstances, a
file or files may be deleted. This behavior is similar to the
previously announced (March 1992) INIT-1984 virus. Recovery from this
damage will be very difficult or impossible.
Note that the next three Friday the 13ths are in August 1993, May 1994,
and January 1995.
The virus, when present on an infected system, may interfere with the
proper display of some application window operations. It will also
create a file named "FSV Prefs" in the Preferences folder.
Recent versions of Gatekeeper and SAM Intercept (in advanced and
custom mode) are effective against this virus. Either program should
generate an alert if the virus is present and attempts to spread to
other files.
The authors of all other major Macintosh anti-virus tools are planning
updates to their tools to locate and/or eliminate this virus. Some of
these are listed below. We recommend that you obtain and run a CURRENT
version of AT LEAST ONE of these programs.
Some specific information on updated Mac anti-virus products follows:
Tool: Central Point Anti-Virus
Status: Commercial software
Revision to be released: 2.01e
Where to find: Compuserve, America Online, sumex-aim.stanford.edu,
Central Point BBS, (503) 690-6650
When available: immediately
Comments: The MacSig file will be dated 4/22/93
Tool: Disinfectant
Status: Free software (courtesy of Northwestern University and
John Norstad)
Revision to be released: 3.2
When available: immediately
Where to find: usual archive sites and bulletin boards --
ftp.acns.nwu.edu, sumex-aim.stanford.edu,
rascal.ics.utexas.edu, AppleLink, America Online,
CompuServe, Genie, Calvacom, MacNet, Delphi,
comp.binaries.mac
Tool: Gatekeeper
Status: Free software (courtesy of Chris Johnson)
Revision to be released: No new revision needed; 1.2.7 works
When available: immediately
Where to find: usual archive sites and bulletin boards --
microlib.cc.utexas.edu, sumex-aim.stanford.edu,
rascal.ics.utexas.edu, comp.binaries.mac
Tool: Rival
Status: Commercial software
Revision to be released: INIT-M Vaccine
When available: Immediately.
Where to find it: AppleLink, America Online, Internet, Compuserve.
Tool: SAM (Virus Clinic and Intercept)
Status: Commercial software
Revision to be released: 3.5.6
When available: immediately
Where to find: CompuServe, America Online, Applelink, Symantec's
Customer Service @ 800-441-7234
Comments: Updates to various versions of SAM to detect and remove
INIT-M are available from the above sources.
Tool: Virex
Status: Commercial software
Revision to be released: 3.93
Where to find: Datawatch Corporation, (919) 490-1277
When available: Detection Strings will be available 4/27 on AOL
and on the "DataGate" BBS @ (919) 419-1602. Updated version
with detection, repair and prevention capabilities will be
available next week.
Comments: Virex 3.93 will detect the virus in any file, and
repair any file that has not been permanently damaged. All Virex
subscribers will automatically be sent an update on diskette. All
other registered users will receive a notice by mail.
Tool: VirusDetective
Status: Shareware
Revision to be released: 5.0.9
When available: immediately
Where to find: various Mac archives
Comments: VirusDetective is shareware. Search strings for the new
virus will be sent only to registered users.
If you discover what you believe to be a virus on your Macintosh
system, please report it to the vendor/author of your anti-virus
software package for analysis. Such reports make early, informed
warnings like this one possible for the rest of the Mac community. If
you are otherwise unsure of who to contact, you may send e-mail to
[email protected] as an initial point of contact.
Also, be aware that writing and releasing computer viruses is more
than a rude and damaging act of vandalism -- it is also a violation of
many state and Federal laws in the US, and illegal in several other
countries. If you have information concerning the author of this or
any other computer virus, please contact any of the anti-virus
providers listed above. Several Mac virus authors have been
apprehended thanks to the efforts of the Mac user community, and some
have received criminal convictions for their actions. This is yet one
more way to help protect your computers.
------------------------------
End of Chaos Digest #1.21
************************************
