Date: Mon, 27 Jul 1998 16:28:36 -0600 From: Brett Glass <brett@lariat.org> To: Greg Pavelcak <gpavelcak@philos.umass.edu>, Dag-Erling Coidan =?iso-8859-1?Q?Sm=F8rgrav?= <dag-erli@ifi.uio.no> Cc: "Jan B. Koum " <jkb@best.com>, Dennis Reiter <mcneills@accessus.net>, chat@FreeBSD.ORG Subject: Re: QPopper exploit Message-ID: <199807272300.RAA00688@lariat.lariat.org> In-Reply-To: <Pine.BSF.4.01.9807271810090.254-100000@tower.my.domain> References: <xzplnpf59fc.fsf@hrotti.ifi.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
At 06:14 PM 7/27/98 -0400, Greg Pavelcak wrote: >> If I were a cracker, the first thing I'd try would be to scan IP >> ranges known to belong to large ISPs' dialup servers, precisely for >> that reason (and also because there's a much higher chance of finding >> machines run by inexperienced or careless people there than amongst >> permanently connected hosts) > >Hmm, major universities for example? (He asks through his UMass >PPP account.) Major universities often have LOTS of holes. Many haven't patched that Annex server problem, and a few even have *wide open* PPP connections that anyone can use if he or she knows some basic terminal server commands. All dial-ins should be carefully firewalled against exploits. We use SLiRP running on FreeBSD, which is highly effective as a protective layer. (See, we're not such slouches on security, even if our mail server WAS hit by the QPopper exploit.) --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807272300.RAA00688>