Date: Sat, 03 May 1997 03:23:32 -0500 From: "Jeffrey J. Mountin" <sysop@mixcom.com> To: "Kevin P. Neal" <kpneal@pobox.com> Cc: hackers@FreeBSD.ORG Subject: Re: SPAM target Message-ID: <3.0.32.19970503032331.00bf4f74@mixcom.com>
next in thread | raw e-mail | index | archive | help
At 02:04 AM 5/3/97 -0400, Kevin P. Neal wrote: >At 06:38 AM 5/3/97 +1000, Daniel O'Callaghan wrote: >>The thing *I'd* like to know is how to get Earthlink to stop allowing >>relay. I've e-mailed them the sendmail rules on how to do it, so they >>can't claim ignorance. > >Sure they can. What kills me when someone tells me drop my secuity. "Yeah, and here are the keys to my house." I only say this because a friend on our system has been on just about every provider that can provide local access to Milwaukee. He only bitches about my security. The basic inverse checking for telnet POP, ftp, and telnet blocked him many a time. Don't know how some of large nations got that way.... would guess 2 factors. You *can* throw money at a problem to "fix" it and customers are easily gulled. >There's an ISP near here that is so poorly run that they can't get anything >right. > >For example, normal users could telnet into the mail server. Their solution? >Disable telnetd on the mail server. They forgot to disable rlogin. Wonder if you could say link time to chargen there? >They also reportedly had the permissions wrong on /tmp. A friend of mine >(who is one of their customers) emailed them the exact command >"chmod 1777 /tmp". Their response? "We're working on it.". > >Some people *really* are *that dumb*. Guess that is better than 5777 on a CGI dir or the more common 4777 on cgi programs, which a malicious user could exploit. Have to admit the can to some "creative" work: ; <<>> DiG 2.1 <<>> -x ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6 ;; flags: qr aa rd ra; Ques: 1, Ans: 1, Auth: 4, Addit: 4 ;; QUESTIONS: ;; 7.72.55.206.in-addr.arpa, type = ANY, class = IN ;; ANSWERS: 7.72.55.206.in-addr.arpa. 86400 CNAME 7.0/24.72.55.206.in-addr.arpa. Sorry, but I don't care to guess what they did for this to show up. OTOH, I have dealt with a number of ISPs and private networks that at least could follow how to setup/fix inverse mapping. Can't stand "It isn't OUR system." ------------------------------------------- Jeff Mountin - System/Network Administrator jeff@mixcom.net MIX Communications Serving the Internet since 1990
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.32.19970503032331.00bf4f74>