Date:      Mon, 7 Aug 1995 09:01:36 +0800 (WST)
From:      Peter Wemm <peter@haywire.dialix.com>
To:        Wolfram Schneider <wosch@cs.tu-berlin.de>
Cc:        Paul Traina <pst@shockwave.com>, "Jordan K. Hubbard" <jkh@freefall.cdrom.com>, CVS-commiters@freefall.cdrom.com, cvs-libexec@freefall.cdrom.com
Subject:   Re: cvs commit: src/libexec/getty gettytab.5 main.c 
Message-ID:  <Pine.SV4.3.91.950807084117.17645f-100000@haywire.DIALix.COM>
In-Reply-To: <199508062344.BAA07154@localhost>

On Mon, 7 Aug 1995, Wolfram Schneider wrote:
> 
> Paul Traina writes:
> >This is pretty bogus (IMO).  This is absolutely positively NOT the sort of
> >information you want to present to a user before they've logged in.
> 
> You know this famous program called 'sendmail'? 
> 
> $ telnet localhost smtp
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 220-localhost Sendmail 8.6.9/8.6.9 ready at Mon, 7 Aug 1995 01:39:45 +0200
>                        ^^^^^^^^^^^Version                            ^^^TZ/country/law
> 220 ESMTP spoken here
>     ^^^protocol
> 
> Wolfram

Yes, this is unfortunate.  Even Satan knows how to scan for the version 
numbers of known-vulnerable sendmails, and I've seen a few programs that 
some of our wannabe-elite-cracker type users have left behind after being 
dispatched..  Let's just say that some of the heuristics about trying to 
deduce vulnerabilities from the 220-signon were interesting.. :-)

Adding a special pseudo-domain-name to "named" was on the cards for a 
while too.  eg:  dig @hostname VERSION. TXT - but this was eventually 
dropped too for security reasons..  Most older named's have spoofing 
problems, and the 4.9.0 and 4.9.2 series have their own problems.  Even 
4.9.3 <= beta18 has problems with accepting bogus data as authoritative, 
potentially being exploitable.

Sigh.  Having this sort of information is nice, provided that it's kept 
away from the public, or you're prepared to upgrade at the very second 
that a hole is found, and the fix becomes available.

-Peter
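
Added example, not part of the original message or of sendmail: a small audit that parses a multi-line SMTP 220 greeting and reports what it discloses before login, using the greeting quoted above. The function names, the regular expressions and the hardened sample greeting (`mail.example.org`) are assumptions made for illustration.

```python
import re

# Constructed samples: the greeting quoted in the thread, and a terse one
# for a hypothetical host that gives nothing beyond the protocol keyword.
LEAKY = (
    "220-localhost Sendmail 8.6.9/8.6.9 ready at Mon, 7 Aug 1995 01:39:45 +0200\r\n"
    "220 ESMTP spoken here\r\n"
)
QUIET = "220 mail.example.org ESMTP\r\n"

REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")
# A product word followed by a dotted version, optionally "binary/config" style.
VERSION = re.compile(r"\b([A-Za-z][\w-]*)\s+(\d+(?:\.\d+)+(?:/\d+(?:\.\d+)+)?)")
TZ_OFFSET = re.compile(r"\d{2}:\d{2}:\d{2}\s+([+-]\d{4})\b")


def parse_greeting(raw):
    """Return the text of each line of a 220 reply ("220-" continues, "220 " ends)."""
    texts = []
    for line in raw.splitlines():
        m = REPLY_LINE.match(line)
        if not m or m.group(1) != "220":
            raise ValueError("not a 220 greeting line: %r" % line)
        texts.append(m.group(3))
        if m.group(2) == " ":  # a space after the code marks the final line
            break
    else:
        raise ValueError("greeting has no terminating '220 ' line")
    return texts


def audit_greeting(raw):
    """Return a dict of the pre-login disclosures found in the greeting."""
    findings = {}
    for text in parse_greeting(raw):
        v = VERSION.search(text)
        if v and "software_version" not in findings:
            findings["software_version"] = "%s %s" % (v.group(1), v.group(2))
        tz = TZ_OFFSET.search(text)
        if tz:
            findings["timezone_offset"] = tz.group(1)
        if re.search(r"\bESMTP\b", text):
            findings["protocol"] = "ESMTP"
    return findings


if __name__ == "__main__":
    for name, banner in (("leaky", LEAKY), ("quiet", QUIET)):
        print(name, audit_greeting(banner))
```
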



