WINDOWS SERVER 2003 FLAW

Microsoft Corp. has issued a patch for the first serious vulnerability to be found in Windows Server 2003, which company officials have said is Microsoft’s most secure OS yet. Although this is actually the fourth flaw to affect this software, it is the first one to be rated critical.

This vulnerability exists in a portion of the Remote Procedure Call (RPC) protocol, which handles message exchanges over TCP/IP. The vulnerability arises because of incorrect handling of error messages and affects a particular Distributed Component Object Model interface with RPC. A successful exploitation of this flaw gives an attacker the ability to run code with local system privileges on the compromised machine—thereby giving the attacker complete control of the system.

In addition to applying the patch for this vulnerability, Microsoft officials recommend that customers block TCP port 135, the port on which RPC listens.

The patch for this flaw, which also affects Windows NT 4.0, 2000, and XP, is located at www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp.—Dennis Fisher
Hiding Your Identity
Anonymous remailers let you communicate on the Internet without exposing who you really are. By Sheryl Canter
PC MAGAZINE SEPTEMBER 16, 2003 www.pcmag.com
www.pcmag.com/securitywatch
[Figure: The W3-Anonymous Remailer is a free, easy-to-use service that hides your identity.]

You may know anonymous remailers from their somewhat shady association with spam, terrorists, child porn rings, and so on. But remailers—tools that let you send e-mail and post to newsgroups without revealing your identity—have practical and legitimate applications. For instance, they can be useful when you need to blow the whistle on corrupt practices in your workplace, discuss ideas in a politically oppressed country, or participate in a self-help group.

If you just want to hide your identity from casual observers, a Web e-mail from a Yahoo! address or an AOL screen name will work fine. But this technique won’t stop anyone from figuring out who you are. Your message header reveals your IP address—the server through which you connect to the Internet. Using that IP address, a dedicated investigator can obtain your name, address, and phone number. Also, these messages aren’t encrypted and can be read as they leave your computer.

Anonymous remailers hide your IP address by removing header information. In its simplest form, a remailer server acts as an intermediary. You send your message to the remailer, the remailer strips off the header, and then forwards your message to its destination. The receiver sees the remailer’s IP address rather than yours.

This strategy was used by anon.penet.fi, a widely used anonymous remailer that operated out of Finland from 1993 to 1996. The problems encountered by anon.penet.fi demonstrate the weakness in this approach. The Finnish police forced the owner, Johan “Julf” Helsingius, to reveal the identities of individuals accused of copyright violation and other crimes. (Helsingius finally closed down the service because of massive abuse by spammers.)

Servers such as these are termed pseudonymous remailers, because their anonymity depends on the willingness and ability of the server administrator to keep the identities of its users confidential. Another now-defunct pseudonymous server, at alpha.c2.org, offered security-enhancing features, such as support for encryption, chained remailing, and reply blocks (a technique that lets people respond to you without learning your identity).

Truly anonymous remailers don’t offer any way to reply to the sender. There are two main types: Cypherpunk (Type I) and Mixmaster (Type II). These are harder to use than pseudonymous remailers, but they’re more secure. You need to learn how to use PGP encryption, build the message, and set up the chain of remailers through which your message is transmitted. Cypherpunk messages can be created in Notepad, but Mixmaster messages require special software.

Cypherpunk uses nested encrypted messages to route your message through several remailer servers before it reaches its destination. At each stop, a layer describing the next destination is decrypted and removed before forwarding. Because the messages shrink with each hop, they can be tracked on the Internet using traffic analysis techniques. Mixmaster closes this security gap by rotating the encrypted headers from top to bottom as they are used, so all messages are the same size. Another technique to confuse traffic analysis is inserting a random lag time before messages are forwarded.
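
The size difference described above, as an added example that is not part of the original article: it models a nested (Type I style) chain and a fixed-size (Type II style) chain and records the message size entering each hop. The toy SHA-256 keystream stands in for PGP, and the hostnames, keys, and the HDR, SLOTS and BODY sizes are constructed for illustration, not the real packet formats.

```python
import hashlib, os
HDR, SLOTS, BODY = 32, 4, 128   # constructed sizes, not the real packet layout

def xor_layer(key, label, data):
    """Toy cipher (SHA-256 keystream) standing in for PGP; not for real use."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + label.encode() + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def hdr(dest):
    return dest.encode().ljust(HDR, b"\0")   # fixed-width routing header

def nested_sizes(chain, keys, dest, body):
    """Type I style: each hop decrypts one layer and strips its routing header."""
    msg = body
    for hop, nxt in zip(reversed(chain), reversed(chain[1:] + [dest])):
        msg = xor_layer(keys[hop], "n", hdr(nxt) + msg)
    sizes = []
    for hop in chain:
        sizes.append(len(msg))               # what an observer sees entering this hop
        plain = xor_layer(keys[hop], "n", msg)
        nxt, msg = plain[:HDR].rstrip(b"\0").decode(), plain[HDR:]
    return sizes, nxt, msg

def fixed_sizes(chain, keys, dest, body):
    """Type II style: used header dropped, the rest shift up, random filler appended."""
    slots = [hdr(n) for n in chain[1:] + [dest]]
    slots += [os.urandom(HDR) for _ in range(SLOTS - len(chain))]
    for j in range(len(chain)):              # slot j is at position j - i when hop i sees it
        for i in range(j + 1):
            slots[j] = xor_layer(keys[chain[i]], str(j - i), slots[j])
    body = body.ljust(BODY, b"\0")           # body padded to one fixed length
    for hop in chain:
        body = xor_layer(keys[hop], "body", body)
    sizes = []
    for hop in chain:
        sizes.append(HDR * len(slots) + len(body))
        slots = [xor_layer(keys[hop], str(p), s) for p, s in enumerate(slots)]
        body = xor_layer(keys[hop], "body", body)
        nxt = slots[0].rstrip(b"\0").decode()
        slots = slots[1:] + [os.urandom(HDR)]    # rotation keeps the length constant
    return sizes, nxt, body.rstrip(b"\0")

CHAIN = ["remailer-a.example", "remailer-b.example", "remailer-c.example"]  # constructed
KEYS = {h: hashlib.sha256(h.encode()).digest() for h in CHAIN}              # constructed keys
```

Calling both functions with the same chain and body shows the nested sizes falling by one header per hop while the fixed-size format stays flat, which is the property that defeats size-based correlation.
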
You can view a list of remailers, the reliability of connections among them, and estimates of latency on the Electronic Frontiers Georgia Web site (http://anon.efga.org/Remailers). Another useful site is www.sendfakemail.com/~raph/remailer-list.html.

Web-based anonymous e-mail services are far more user-friendly but less secure. Hushmail, recently reviewed in PC Magazine (www.pcmag.com/article2/0,4149,1132842,00.asp), offers free and paid versions. Anonymizer.com’s Total Net Shield product provides anonymous e-mail, surfing, and instant messaging. W3-Anonymous Remailer (www.gilc.org/speech/anonymous/remailer.html) is another free, easy-to-use service.

Sheryl Canter is a contributing editor of PC Magazine.