From owner-freebsd-questions@FreeBSD.ORG  Fri Jun 19 18:12:35 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EDA261065672
	for <freebsd-questions@freebsd.org>;
	Fri, 19 Jun 2009 18:12:35 +0000 (UTC)
	(envelope-from prad@towardsfreedom.com)
Received: from idcmail-mo1so.shaw.ca (idcmail-mo1so.shaw.ca [24.71.223.10])
	by mx1.freebsd.org (Postfix) with ESMTP id C0FE08FC1C
	for <freebsd-questions@freebsd.org>;
	Fri, 19 Jun 2009 18:12:35 +0000 (UTC)
	(envelope-from prad@towardsfreedom.com)
Received: from pd2ml1so-ssvc.prod.shaw.ca ([10.0.141.139])
	by pd4mo1so-svcs.prod.shaw.ca with ESMTP; 19 Jun 2009 12:12:35 -0600
X-Cloudmark-SP-Filtered: true
X-Cloudmark-SP-Result: v=1.0 c=0 a=KoDPwd6_AAAA:8 a=DT5jqCSfWoFBxzAvXoEA:9
	a=vr3ka4aTL3a-8FHRJsQA:7 a=8RQxMvPtXS6ydB9DRN5kdwK85gIA:4
Received: from unknown (HELO gom.localdomain) ([70.67.176.112])
	by pd2ml1so-dmz.prod.shaw.ca with ESMTP; 19 Jun 2009 12:12:35 -0600
Received: from gom (localhost [127.0.0.1])
	by gom.localdomain (Postfix) with ESMTP id D7BA1EC74
	for <freebsd-questions@freebsd.org>;
	Fri, 19 Jun 2009 11:12:34 -0700 (PDT)
Date: Fri, 19 Jun 2009 11:12:34 -0700
From: prad <prad@towardsfreedom.com>
To: <freebsd-questions@freebsd.org>
Message-ID: <20090619111234.6883afd2@gom>
X-Mailer: Claws Mail 3.7.1 (GTK+ 2.16.2; x86_64-unknown-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: backdoor threat
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jun 2009 18:12:36 -0000

i just received this 'threat' from someone on a forum:

"+1.2507437628 <-- And....,yes of course this is a fax, but I could
write and execute a script that would have some real fun with it..
Don't you think. Especially from a BSD server ;)

You missed a small back door, if you're nice I'll help you close it. ;)"

i am very curious as to what script this person can write to have fun
with a fax number. what are they going to do - send me junk faxes
instead of junk emails?

however, i'm very curious about the back door. what backdoors are there
on what is pretty well a freebsd server default setup? i have disabled
password access. there are some php forms, but i use the proper way to
set variables. are there other things i should be thinking about?

-- 
In friendship,
prad

                                      ... with you on your journey
Towards Freedom
http://www.towardsfreedom.com (website)
Information, Inspiration, Imagination - truly a site for soaring I's