From owner-freebsd-chat  Mon Jul 27 15:12:59 1998
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id PAA22060
          for freebsd-chat-outgoing; Mon, 27 Jul 1998 15:12:59 -0700 (PDT)
          (envelope-from owner-freebsd-chat@FreeBSD.ORG)
Received: from tower.my.domain (nscs28p5.remote.umass.edu [128.119.179.153])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA21967
          for <chat@freebsd.org>; Mon, 27 Jul 1998 15:12:23 -0700 (PDT)
          (envelope-from gp@philos.umass.edu)
Received: from localhost (gp@localhost)
	by tower.my.domain (8.8.8/8.8.8) with SMTP id SAA08588;
	Mon, 27 Jul 1998 18:14:49 -0400 (EDT)
	(envelope-from gp@tower.my.domain)
Date: Mon, 27 Jul 1998 18:14:49 -0400 (EDT)
From: Greg Pavelcak <gpavelcak@philos.umass.edu>
X-Sender: gp@tower.my.domain
To: Dag-Erling Coidan =?iso-8859-1?Q?Sm=F8rgrav?= <dag-erli@ifi.uio.no>
cc: "Jan B. Koum " <jkb@best.com>, Dennis Reiter <mcneills@accessus.net>,
        chat@FreeBSD.ORG
Subject: Re: QPopper exploit
In-Reply-To: <xzplnpf59fc.fsf@hrotti.ifi.uio.no>
Message-ID: <Pine.BSF.4.01.9807271810090.254-100000@tower.my.domain>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=X-UNKNOWN
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by hub.freebsd.org id PAA22002
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



On Mon, 27 Jul 1998, Dag-Erling Coidan [iso-8859-1] Smørgrav wrote:

> "Jan B. Koum " <jkb@best.com> writes:
> > 	Every computer which is somehow connected to any network (be it
> > Internet or not) must have proper security in place. If you think you not
> > going to get broken into for whatever reason .. guess what? Yes.
> 
> You know that, and I know that, and I'm sure quite a few other readers
> of this list know that. But you'd be amazed to know how many people
> believe that crackers will overlook them just because they're on a
> dialup.
Me, for example. But the question is what constitutes "proper
security" for a run-of-the-mill pc-user (well equipped with
FreeBSD as his OS) who only goes on-line to fetch his mail and do
a little surfing.

> 
> If I were a cracker, the first thing I'd try would be to scan IP
> ranges known to belong to large ISPs' dialup servers, precisely for
> that reason (and also because there's a much higher chance of finding
> machines run by inexperienced or careless people there than amongst
> permanently connected hosts)

Hmm, major universities for example? (He asks through his UMass
PPP account.)

> 
> DES
> -- 
> Dag-Erling Smørgrav - dag-erli@ifi.uio.no
> 

Greg


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message