Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 01 Feb 97 16:50:52 -0500
From:      <dwoodward@intraserve.com>
To:        Bradley Dunn <bradley@dunn.org>
Cc:        "freebsd-isp@freebsd.org" <freebsd-isp@freebsd.org>
Subject:   Re: Spam from rival
Message-ID:  <199702020052.QAA20768@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
-------- REPLY, Original message follows --------

> Date: Thursday, 30-Jan-97 07:28 PM
> 
> From: Bradley Dunn             \ Internet:    (bradley@dunn.org)
> Subject: Re: Spam from rival
> 
> On Thu, 30 Jan 1997 dwoodward@intraserve.com wrote:
> 
> > You may have allowed them to obtain most of your client's email 
> > addresses list by leaving in.fingerd in your inetd.conf file!
> 
> 
> This is FreeBSD. It is just fingerd. No in. prefix.
> > I suggest you:
> > 
> > A) "rem" it out of inetd.conf or

> Rem? Isn't that a band? If one wants to turn off a service, one 
comments it out
> with an # (hash).

Do you think the person who sent in the original message is stupid? Or 
perhaps he is smart enough to realize that the "rem" quote was a figure 
of written speech and he really does know how to remove something from 
his inetd.conf.  Really, a # sign you say? Truly amazing->'Thanks Boy 
Wonder'

> > B) use tcpd and block access via /etc/hosts.deny to all but 
"trusted" 
> >    domains or.
> > C) Filter TCP port 79 at your router.
> > 
> > Remember the key question is: How did they get your client's 
addresses?
> > The Finger daemon is your most likely cause.
> > 
> > Try: finger @clari.net.au and see what you get.
> 
> 
> I got the standard "must provide username". FreeBSD ships with the -s 
option to
> fingerd enabled in inetd.conf.

And if he wasn't running fingerd with the -s? Does the -s option work? 
When did you last actually test it?  Not before before reading this 
reply!!!! If you had, judging by your "rem note" we would have all heard 
about it. Or do you actually believe there aren't any bugs in FreeBSD? 
But of course not, as we all know 2.1.6 didn't fix anything in 2.1.5 it 
was perfffffffffffect just like 1.0 

    A direct quote from the FreeBSD Man Page for Fingerd:

    If the line is null (i.e. just a <CRLF> is sent) then finger
    returns a ``default report" report that lists all people logged
    into the system at that moment.

By doing this several times over a period of days logging the results (a 
cron perl script, logging to a file) do you think they would be able to 
get list of users??

> The easiest way to build a list is just call up and ask for a shell
> account. > Then use a little perl script to extract names from 
>/etc/passwd. 

Right!!!!! Call Australia from New York and ask for a dial-up shell 
account. 

"Hi my name is junkmail from easyway.net and I'm calling from New York. 
I would like to apply for a dial-up shell account. 

Consider the reply "sorry but we don't offer shell accounts." ->'How now 
brown cow'?

And as we all know there's only a "few hundred thousand dial-up ip 
providers in the world, so this won;t cost too much if they all say 
yes". Besides why would anyone ever question some one from New York 
wanting a dial-up account in Australia, Japan, Hong Kong, Korea, etc. 

But Hey You Could Try This->'The dial-up service here is so bad and I 
get lots of free air miles credits from my long distance phone company. 
Do you have air miles?' Maybe it will work.

Plus giving out shell accounts isn't bad, since everyone is so honest 
what possible harm could it cause? Why I just can't wait to sign up 
more. That extra $10 a month is worth it




Doug Woodward
IntraServe Technologies Inc.
New Westminster, B.C. Canada

Email: dwoodward@intraserve.com
Phone: (604) 521-0033
  Fax: (604) 521-0403





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702020052.QAA20768>