From owner-freebsd-chat  Mon Jul 27 13:25:44 1998
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id NAA00853
          for freebsd-chat-outgoing; Mon, 27 Jul 1998 13:25:44 -0700 (PDT)
          (envelope-from owner-freebsd-chat@FreeBSD.ORG)
Received: from ifi.uio.no (0@ifi.uio.no [129.240.64.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA00793
          for <chat@freebsd.org>; Mon, 27 Jul 1998 13:25:20 -0700 (PDT)
          (envelope-from dag-erli@ifi.uio.no)
Received: from hrotti.ifi.uio.no (2602@hrotti.ifi.uio.no [129.240.64.15])
	by ifi.uio.no (8.8.8/8.8.7/ifi0.2) with ESMTP id WAA11947;
	Mon, 27 Jul 1998 22:24:41 +0200 (MET DST)
Received: (from dag-erli@localhost) by hrotti.ifi.uio.no ; Mon, 27 Jul 1998 22:24:40 +0200 (MET DST)
Mime-Version: 1.0
To: "Jan B. Koum " <jkb@best.com>
Cc: Dennis Reiter <mcneills@accessus.net>, chat@FreeBSD.ORG
Subject: Re: QPopper exploit
References: <Pine.BSF.3.96.980727130821.23747A-100000@shell6.ba.best.com>
Organization: University of Oslo, Department of Informatics
X-url: http://www.stud.ifi.uio.no/~dag-erli/
X-other-addresses: 'finger dag-erli@ifi.uio.no' for a list
X-disclaimer-1: The views expressed in this article are mine alone, and do
X-disclaimer-2: not necessarily coincide with those of any organisation or
X-disclaimer-3: company with which am or have been affiliated.
X-Stop-Spam: http://www.cauce.org/
From: dag-erli@ifi.uio.no (Dag-Erling Coidan =?iso-8859-1?Q?Sm=F8rgrav?= )
Date: 27 Jul 1998 22:24:39 +0200
In-Reply-To: "Jan B. Koum "'s message of "Mon, 27 Jul 1998 13:09:26 -0700 (PDT)"
Message-ID: <xzplnpf59fc.fsf@hrotti.ifi.uio.no>
Lines: 19
X-Mailer: Gnus v5.5/Emacs 19.34
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id NAA00807
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

"Jan B. Koum " <jkb@best.com> writes:
> 	Every computer which is somehow connected to any network (be it
> Internet or not) must have proper security in place. If you think you not
> going to get broken into for whatever reason .. guess what? Yes.

You know that, and I know that, and I'm sure quite a few other readers
of this list know that. But you'd be amazed to know how many people
believe that crackers will overlook them just because they're on a
dialup.

If I were a cracker, the first thing I'd try would be to scan IP
ranges known to belong to large ISPs' dialup servers, precisely for
that reason (and also because there's a much higher chance of finding
machines run by inexperienced or careless people there than amongst
permanently connected hosts)

DES
-- 
Dag-Erling Smørgrav - dag-erli@ifi.uio.no

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message