informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/fun/comsec1.txt

308 lines
13 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

THIS IS COMSEC BULLETIN #1, FEBRUARY 17, 1990. FOR FURTHER
INFORMATION, CONTACT THE COMSEC BBS (202) 334-1304 OR CALL OUR
OFFICE AT (301) 670-0512 AND LEAVE A MESSAGE.
About the Bulletin
The COMSEC Bulletin is published to provide a means of informing
COMSEC Association members of the business of the association. It
is published on a random basis with news that can affect members.
Please note, the 'COMSEC Journal', which will be the association's
premier publication, will be published quarterly and should not be
confused with the bulletin.
The association wants to thank all of our members for their
patience during the associations transition. We hope that you will
be satisfied with your membership in the coming year.
What's Inside
- Surveillance Expo '89
- Annual COMSEC membership meeting
- Using a Spectrum Analyzer
- Audio Tapes Available
- Washington DC COMSEC Chapter News
- S&L's Phone Bugged
- Membership Certificates and Cards
- Advertising
- TECHNET Data Systems - First COMSEC Corporate Sponsor
- Call to all writers
- Competitive Intelligence
- Hacker enters GRUMMAN Corp computer
Surveillance EXPO '89
For those of our members who weren't able to make it to
Surveillance Expo '89 we missed you. Needless to say the Expo was a
rousing success with exhibitors and speakers that represented the
entire spectrum of the security field. The Association is glad to
have been one of the cornerstones that made this years Expo happen
and we have already begun making preparations for the next Expo to
be held 28-30 November, 1990. Mark that date on your calendars and
plan to attend.
Annual COMSEC Membership Meeting
The annual COMSEC membership meeting was held on December 13, 1989
following the last Expo seminar of the day. Although participation
could have been better , a majority of the board of the directors
were present enabling us to make decisions that will affect the
association for the following year.
A number of topics were covered that all of the association members
should be aware of. For those of you who were unable to attend they
will be covered briefly.
The first topic that was covered was membership goals for the
coming year. Currently the association has a small but growing
number of members. In order to provide reasonable membership
benefits, cover the associations overhead and increase the name
recognition of the association we have to increase the number of
members that the association has. A number of ideas were floored
that may help. It was first suggested that we limit our recruitment
of new members to the Washington, DC area. Its a matter of simple
logistics.
Since a large portion of our members reside in the DC area and the
national chapter has its offices in the area the recruitment of new
members can be closely monitored. However this means that members
outside of the DC area would suffer. Because of this the board
decided that a 75/25% split of effort would be used to recruit new
members with the majority of effort occurring in the Washington
area.
The next topic covered was the formation of local chapters. The
Association is proud to note that the first local chapter has been
established in the Washington area. The local chapter president is
Mike Brumbaugh (phone 703-739-8313) and he has some interesting
ideas. The first meeting of the Washington chapter will be in the
month of April. If you are interested in attending please give him
a call.
The discussion covered then covered the possibility of starting
other local chapters. A number of inquiries have been made but
other than this there has been no progress. The major problem is
finding individuals that are motivated enough to start a chapter.
Its a difficult task and it takes a special kind of person to
undertake the responsibilities and headaches associated with
forming a local chapter. Because of the responsibilities associated
with starting a local chapter it was decided that each local
chapter president would also automatically become a member of the
board of directors and would not be affected by the rule that board
members cannot miss more than two consecutive board meetings.
It was also decided that the minimum number of people required to
start a local chapter would be increased from 5 to 10. It was felt
that the more people involved in the initial formation of the local
chapter the better the chances of success.
Another topic discussed was the possibility of the COMSEC
association joining forces with the National Computer Security
Association. The Board of Directors and the director of NCSA
believe that both organizations would profit from a merging of
resources. The board plans on discussing this option further during
the first meeting of FY90. This meeting will be held the 3rd
Saturday of January. Subsequent board meetings will be held the 3rd
Saturday of the first month of a calendar quarter: January, April,
July and October.
The final item of discussion was the status of the COMSEC Journal.
The journal will be the cornerstone of the association and will
provide timely articles of interest to all members of the
association. Currently a number of articles are in the works for
the March issue. These articles include Telecommunication network
security problems and a story about a hacker who broke into a major
telecommunications network. There might be an article on STU III if
we can get it in time for publication. The association has also
approached a number of companies to inquire if they might be
interested in submitting articles for publication.
Finally, the association is attempting to compile a listing of
companies/ individuals involved in providing specialized security
services. One of the concerns is how to provide a listing that
holds some credibility. Members suggestions are welcomed and will
be provided to the board of directors for consideration.
Possibilities include a certification or training program.
Overall the annual meeting was a success and the next meeting will
even be better. Plan on being there.
Using a Spectrum Analyzer
The association received an interesting call a few weeks ago from
someone who was attempting to use a spectrum analyzer to locate an
clandestine listening device.
The problem with any specialized piece of equipment is that the
user must be aware of the limitations of the equipment that they
are using and also apply a little thought to how to systematically
locate a transmitter once there is a positive indication that it
exists.
In this particular case a spectrum analyzer with a audio speaker
must be utilized. Without a speaker the operator of the analyzer
cannot tell whether they are looking at a signal that is caused by
RF interference, a genuine signal put out by commercial transmitter
or a clandestine transmitter that is located in the room or
building.
Remember, in this particular instance we are discussing only one of
many means that some type of device may be utilized to listen to a
conversation in a room.
First, place a sound source in the room you are checking. Your
analyzer should also be located nearby since most transmitters of
this type have a limited range. You should then go slowly through
the frequency range to locate a signal source transmitting the same
audio that the sound source is transmitting. If you should find
that there is a transmitter located nearby, the sound source can be
moved in the room to see where it is best picked up by the
transmitter. At this point a physical search would have to be done.
Audio Tapes Available
Audio tapes of all the seminars given at EXPO 89' are available to
COMSEC members. They can be obtained by contacting:
Audio Archives International
3043 Foothill Blvd
Suite #2
Crescenta, CA 91214
Washington DC COMSEC Chapter News
The first meeting of the DC chapter will be April 1990. Mike
Brumbaugh is looking for help in setting up a successful chapter
and meeting. If you are interested in helping him, mike can be
reached at 703-739-8313. Mike said that details of the first
meeting will be sent to members as they become available.
S & L'S Phone Bugged
The Washington Post noted in a recent article that the phone used
by California state S&L examiners had been bugged. The phone, which
was supposed to be a private line, had been tampered with so the
investigators calls could be monitored from other phones in the
building. (Editors note: I'm not sure bugged is the correct word,
jury rigged sounds more like it. Besides who, in their right mind
would pass sensitive information of any type in the same building
they are working in.) Private Investigators were called in to track
down were the calls were being monitored from but were unable to
because the key to the phone room could not be found! When they
returned two days later the phone lines had been returned to
normal. The bugged phone was cited as one of the ways that Lincoln
Savings & Loan attempted to frustrate regulators.
Hacker, Age 15, Enters GRUMMAN Corporation Computer System
A youth from Levittown, New York gained access to the computer that
Grumman uses to handle military customers including the Pentagon.
Grumman stated that all the material that the youth had gained
access to was recovered and he was caught because Grumman's own
computers detected his illegal entry into the system.
Membership Certificates and Cards
Membership certificates and cards will be sent to all members in
the months of January and February. The association wants to
apologize to all our members for the delay. For those of you that
received the membership cards with a expiration date of 1-1-90, you
may send them back and we'll send you a new one with a correct
date.
Advertising
Both the COMSEC BULLETIN and the COMSEC JOURNAL will accept paid
advertising. This will allow both publications to increase their
scope and provide even more pages per issue. If you are interested
in placing any type of advertising in either publication contact
the COMSEC Association at 301-670-0512.
TECHNET DATA SYSTEMS - First COMSEC Corporate Sponsor
Technet Data Systems has become the COMSEC Associations first
corporate sponsor. Technet is a small corporation that provides
computer services ranging from installation of small and large
systems to troubleshooting existing systems. Located in the
Washington, DC area the have provided a wide range of services to
large and small corporations. TECHNET also will custom build a
system to fit in your price range.
They can be reached at 703-471-8714 or by writing :
44901 Falcon Place
Suite 110
Sterling, VA 22170
Call To Writers
COMSEC members, you can now enhance your professional prestige and
even give your company a plug by authoring a article for
publication in the COMSEC JOURNAL. The association is seeking
individuals who can speak authoritatively on different aspects of
the security field and wish to become involved. If you are one of
those professionals with a knack for writing let the association
know.
Competitive Intelligence
For those of us who believe that corporate spying has gone the way
of the EDSEL, think again. Todays term of competitive intelligence
may sound nicer but major corporations still spend large sums to
stay one step ahead of their competition.
Most companies simply employ improved telecommunications and
computer systems to evaluate their competitors but others have gone
as far as hiring ex-FBI agents to uncover information. The
undercover work may be as straightforward as reading the other guys
employee publications or as complicated as analyzing all of a
competitors operations. One major US corporation has admitted that
they have sent their personnel to count smokestacks, delivery
trucks and employees cars at a rival facility. A spokesperson for
the corporation stated "This type of information can help you
determine how well your rival is doing." One of this competitive
intelligence firms most prized intelligence coups was a competitors
in-house phone book, which was used to reconstruct and estimate the
competitions pricing structure.
Here are a few examples of major corporations that utilize
information on their competitors.
* AT&T has an 800-man world-wide network of employees who
monitor competitors sales teams, trade publications and
research papers for the latest developments. This
information is fed into a data base, analyzed and then
supplied to key management on a daily basis.
* Kraft Inc analyzes point-of-purchase scanner data to get
not only price information but also product features and
promotional programs. Kraft has also gone to the extreme
of hiring consultants to interview competitors under the
guise of "independent market research."

Reference in New Issue View Git Blame Copy Permalink