From owner-freebsd-chat Mon Jul 27 13:10:16 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA27719 for freebsd-chat-outgoing; Mon, 27 Jul 1998 13:10:16 -0700 (PDT) (envelope-from owner-freebsd-chat@FreeBSD.ORG) Received: from shell6.ba.best.com (jkb@shell6.ba.best.com [206.184.139.137]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA27639 for ; Mon, 27 Jul 1998 13:10:00 -0700 (PDT) (envelope-from jkb@best.com) Received: from localhost (jkb@localhost) by shell6.ba.best.com (8.9.0/8.9.0/best.sh) with SMTP id NAA24274; Mon, 27 Jul 1998 13:09:26 -0700 (PDT) X-Authentication-Warning: shell6.ba.best.com: jkb owned process doing -bs Date: Mon, 27 Jul 1998 13:09:26 -0700 (PDT) From: "Jan B. Koum " X-Sender: jkb@shell6.ba.best.com To: Dennis Reiter cc: chat@FreeBSD.ORG Subject: Re: QPopper exploit In-Reply-To: <000801bdb998$828c9220$0200a8c0@Dell> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Every computer which is somehow connected to any network (be it Internet or not) must have proper security in place. If you think you not going to get broken into for whatever reason .. guess what? Yes. -- Yan Jan Koum jkb@best.com | "Turn up the lights; I don't want www.FreeBSD.org -- The Power to Serve | to go home in the dark." "Write longer sentences - they are paying us a lot of money" On Mon, 27 Jul 1998, Dennis Reiter wrote: >In case anyone thinks that the QPopper exploit won't affect them, >because they only use a dial-up line and have a Dynamic IP, >three times in the past week someone from a dial-up line in >Minnesota (ppp64.wimpy.msp.mn.state.net) has attempted to break >into my home box. > >I have Fetchmail setup to dial-in and retrieve mail every other >hour between 6am & 10pm, and also use my workstation as a gateway, >so I have one of about 100 different IP addresses each time I call >in. I don't know why they failed the first time (I hadn't upgraded >-- who in the world would want to hack _ME_? <:-|) but I caught >a strange line of ^P's in my syslog. I upgraded immediately after >changing my shorts and they've tried twice more, once while I was >sitting at the console doing a 'make world.' > >So in case anyone thinks they aren't vulnerable, especially after >reading what happened to Brett, think again. Just because the >chance of it happening is small, doesn't mean it won't. > >Regards, >Denny Reiter >denny@kewanee.net >------------------------------------------ >FreeBSD: Turning PC's into workstations. >See http://www.FreeBSD.ORG/ for info > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-chat" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message