Client-Side Name Collision Vulnerability in the New gTLD Era: A Systematic Study


Qi Alfred Chen, Matthew Thomas†, Eric Osterweil†, Yulong Cao, Jie You, Z. Morley Mao
University of Michigan, †Verisign Labs
[email protected], {mthomas,eosterweil}@verisign.com, {yulongc,jieyou,zmao}@umich.edu

CCS'17, Oct. 30–Nov. 3, 2017, Dallas, TX, USA. © 2017 Copyright held by the owner/author(s). Publication rights licensed to ACM. 978-1-4503-4946-8/17/10...$15.00 DOI: 10.1145/3133956.3134084

ABSTRACT

The recent unprecedented delegation of new generic top-level domains (gTLDs) has exacerbated an existing, but fallow, problem called name collisions. One concrete exploit of such problem was discovered recently, which targets internal namespaces and enables Man in the Middle (MitM) attacks against end-user devices from anywhere on the Internet. Analysis of the underlying problem shows that it is not specific to any single service protocol, but little attention has been paid to understand the vulnerability status and the defense solution space at the service level. In this paper, we perform the first systematic study of the robustness of internal network services under name collision attacks.

We first perform a measurement study and uncover a wide spectrum of services affected by the name collision problem. We then collect their client implementations and systematically analyze their vulnerability status under name collision attacks using dynamic analysis. Out of the 48 identified exposed services, we find that nearly all (45) of them expose vulnerabilities in popular clients. To demonstrate the severity, we construct exploits and find a set of new name collision attacks with severe security implications including MitM attacks, internal or personal document leakage, malicious code injection, and credential theft. We analyze the causes, and find that the name collision problem broadly breaks common security assumptions made in today's service client software. Leveraging the insights from our analysis, we propose multiple service software level solutions, which enable the victim services to actively defend against name collision attacks.

1 INTRODUCTION

With the unprecedented delegation of new generic top-level domains (gTLDs) since late 2013, increasing amounts of leaked internal domain name system (DNS) namespace queries are now resolvable in the public DNS namespace [102]. This has exacerbated a long existing problem, which has been lying fallow, called name collisions, in which a DNS query is resolved in an unintended namespace [44, 102]. One concrete exploit of such problem was recently announced (US-CERT alert TA16-144A), which specifically targets the leaked WPAD (Web Proxy Auto-Discovery) service discovery queries [79, 87]. In this attack, the attacker simply needs to register a domain that already receives vulnerable internal WPAD query leaks. Since WPAD queries are designed for discovering and automatically configuring web proxy services, exploiting these leaks allows the attacker to set up Man in the Middle (MitM) proxies on end-user devices from anywhere on the Internet.

The cornerstone of this attack exploits the leaked service discovery queries from the internal network services using DNS-based service discovery. With over 600 services registered to support DNS-based service discovery [41], the name collision problem seems likely to be much broader than the WPAD service alone. However, previous work primarily focuses on analyzing and preventing name collisions at the new gTLD registry and the network levels [44, 87, 95, 102], and little attention has been paid to understand the vulnerability status and the defense solution space at the service level. Since services are the direct victims of name collision attacks, it is necessary to provide service-level solutions so that they can proactively protect themselves. More importantly, since the underlying cause is the domain name resolution in an unintended namespace, compared to defenses at other levels, only the service clients, the actual issuers of the exploited queries, know the intended namespace and thus have the chance to fundamentally solve the problem.

In this paper, we perform the first systematic study of the robustness of the service client design and implementations under the name collision attack threat model for internal network services using DNS-based service discovery. Our goal is to systematically identify client-side name collision vulnerability in the client software, which causes the client to mistakenly accept the identity of a name collision attack server. Our results are expected to serve as a guideline for understanding whether and why a certain client software is vulnerable, as well as providing insights on how to mitigate against this emerging class of attacks. To perform the study, we first measure the services that are exposed to potential name collisions today by analyzing the leaked queries to the delegated new gTLDs. Based on the measurement, we form an exposed service dataset with 80 services with high volumes of service discovery query leaks. Compared to the recent study on the WPAD service [87], our study for the first time uncovers the wide spectrum of services affected by the name collision problem and the potential security implications.

With the set of exposed services, we manually collect their client software, with prioritization for services with higher query leak volumes and clients that are more popular among corporate or end users. In total, we are able to collect 57 client implementations covering 48 exposed services. To systematically perform vulnerability analysis, we develop a dynamic analysis framework capable of analyzing the clients in a simulated name collision attack environment. The analysis is performed by constructing attack server responses, and a vulnerability is revealed if the client accepts the responses and proceeds with the designed service functionality.

From the vulnerability analysis, our results reveal that nearly all (45) of these 48 services have popular clients vulnerable due to several common software design or implementation choices. We find that the lack of server authentications, which is also exhibited in the WPAD exploit, is the root cause for one third of these vulnerable services. For the remaining two thirds, their clients do use standard server authentications by default, leveraging TLS certificates or pre-shared keys (PSK). However, nearly all clients using TLS certificates are found vulnerable due to the default choice of accepting publicly-valid but previously-unseen certificates from a colliding domain. For the clients using PSK, we find that the majority (88.1%) of them are vulnerable since they do not enforce server authentication. We also find a common vulnerable design choice specific to a previously uncovered but popular use of DNS-based service discovery, Zero-configuration networking (Zeroconf) [14], which mixes the service discovery in different namespaces. These results show that even with standard server authentication adopted, the name collision attack threat model still broadly breaks common security assumptions in today's internal network service clients. We find that one fundamental cause is the lack of namespace differentiation in the current service discovery and server authentication methods. This problem is newly introduced by the name collision problem and it leaves the clients incapable of handling potential name collisions.

To demonstrate the severity of the discovered vulnerabilities, we construct exploits in our analysis framework and report our findings on a number of new name collision attacks.

on the exposed services today and characterize their designed functionality and the potential security implications.

• We collect the client implementations for the exposed services and systematically analyze their vulnerability status under name collision attacks leveraging a dynamic analysis framework. Our results show that nearly all the exposed services have popular clients vulnerable due to several common design choices. This suggests that the name collision attack threat model broadly breaks common security assumptions made in the service clients today.

• Based on the analysis results, we construct exploits and report our findings of a myriad of new name collision attacks with severe security implications, including MitM attack, malicious library injection, credential theft, etc. These findings show high end-to-end exploitability of identified vulnerabilities in practice.

• We identify several fundamental vulnerability causes, including a cause newly introduced by the name collision problem, the lack of namespace differentiation. Based on the insights, we propose a set of service software level solutions, which enable the victim services to actively defend against name collision attacks.

2 BACKGROUND

2.1 The Name Collision Problem

In DNS, a domain name is a set of dot-separated labels that form a tree structure with the DNS root located at the top. The last two labels, for example .com and example in www.example.com, are called the TLD (top-level domain) and SLD (second-level domain). In the DNS ecosystem, the public DNS namespace is for the resolution of domain names on the public Internet, and the Internet Corporation for Assigned Names and Numbers (ICANN) is the authoritative administrator for its DNS root. ICANN delegates the management of the TLDs to specific TLD registry operators. Outside of the public DNS namespace, a local area network can also setup an
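
An added illustration (not code from the paper or its authors) of the leaked-query analysis the introduction describes, scaled down to one organisation's DNS logs: it flags service discovery queries (WPAD and SRV-style `_service._proto` names) for internal suffixes that reached a public resolver. The log format, the internal suffix list, and the delegated-TLD set are constructed assumptions.

```python
"""Triage DNS query logs for internal service discovery names that leak into
the public namespace. All sample data here is constructed for illustration."""
from collections import Counter

# Constructed sample set. In practice, load the current list of delegated
# TLDs from the root zone instead of hard-coding it.
DELEGATED_TLDS = {"com", "org", "net", "network", "global"}

# Suffixes this (hypothetical) organisation uses for its internal namespace.
INTERNAL_SUFFIXES = ("corp-example.network", "hq-example.global", "corp")

# Constructed log lines in an assumed format: "<resolver> <qtype> <qname>".
# "internal" = answered by the organisation's own DNS,
# "public"   = the query left the network and reached a public resolver.
SAMPLE_LOG = """\
internal A wpad.corp-example.network.
public A wpad.corp-example.network.
public SRV _ldap._tcp.hq-example.global.
public SRV _xmpp-client._tcp.hq-example.global.
public A wpad.corp.
public A www.example.com.
internal SRV _sip._udp.hq-example.global.
public A intranet.corp-example.network.
public A wpad.notcorp-example.network.
"""


def labels_of(qname):
    """Lower-case a query name and split it into labels (root dot removed)."""
    return [label for label in qname.lower().rstrip(".").split(".") if label]


def discovery_service(labels):
    """Return the service a discovery query is looking for, or None."""
    if labels and labels[0] == "wpad":
        return "wpad"
    # SRV-style discovery names: _service._proto.<domain>
    if (len(labels) >= 3 and labels[0].startswith("_")
            and labels[1] in ("_tcp", "_udp")):
        return labels[0] + "." + labels[1]
    return None


def internal_suffix(labels):
    """Longest internal suffix the name ends with, matched on label boundaries."""
    best = None
    for suffix in INTERNAL_SUFFIXES:
        parts = suffix.split(".")
        if len(labels) > len(parts) and labels[-len(parts):] == parts:
            if best is None or len(parts) > len(best.split(".")):
                best = suffix
    return best


def classify(line):
    """Classify one log line; None if it is not an internal discovery query."""
    resolver, qtype, qname = line.split()
    labels = labels_of(qname)
    service = discovery_service(labels)
    suffix = internal_suffix(labels)
    if service is None or suffix is None:
        return None
    if resolver != "public":
        status = "contained"   # stayed inside the intended namespace
    elif labels[-1] in DELEGATED_TLDS:
        status = "exposed"     # resolvable in the public namespace today
    else:
        status = "latent"      # leaked, but the TLD is not delegated (yet)
    return {"service": service, "suffix": suffix,
            "qtype": qtype, "status": status}


def triage(log_text):
    """Count findings per (status, internal suffix, service)."""
    findings = Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        result = classify(line)
        if result:
            key = (result["status"], result["suffix"], result["service"])
            findings[key] += 1
    return findings


def exposed_suffixes(findings):
    """Internal suffixes with at least one exposed discovery query."""
    return sorted({suffix for status, suffix, _ in findings
                   if status == "exposed"})


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for (status, suffix, service), count in sorted(report.items()):
        print(f"{status:9} {suffix:22} {service:20} {count}")
    print("suffixes to remediate first:", exposed_suffixes(report))
```

Suffixes reported as exposed are the ones to prioritise for remediation; latent ones become exposed if their TLD is later delegated.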