Date: Sat, 01 Feb 97 16:50:52 -0500 From: <dwoodward@intraserve.com> To: Bradley Dunn <bradley@dunn.org> Cc: "freebsd-isp@freebsd.org" <freebsd-isp@freebsd.org> Subject: Re: Spam from rival Message-ID: <199702020052.QAA20768@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
-------- REPLY, Original message follows -------- > Date: Thursday, 30-Jan-97 07:28 PM > > From: Bradley Dunn \ Internet: (bradley@dunn.org) > Subject: Re: Spam from rival > > On Thu, 30 Jan 1997 dwoodward@intraserve.com wrote: > > > You may have allowed them to obtain most of your client's email > > addresses list by leaving in.fingerd in your inetd.conf file! > > > This is FreeBSD. It is just fingerd. No in. prefix. > > I suggest you: > > > > A) "rem" it out of inetd.conf or > Rem? Isn't that a band? If one wants to turn off a service, one comments it out > with an # (hash). Do you think the person who sent in the original message is stupid? Or perhaps he is smart enough to realize that the "rem" quote was a figure of written speech and he really does know how to remove something from his inetd.conf. Really, a # sign you say? Truly amazing->'Thanks Boy Wonder' > > B) use tcpd and block access via /etc/hosts.deny to all but "trusted" > > domains or. > > C) Filter TCP port 79 at your router. > > > > Remember the key question is: How did they get your client's addresses? > > The Finger daemon is your most likely cause. > > > > Try: finger @clari.net.au and see what you get. > > > I got the standard "must provide username". FreeBSD ships with the -s option to > fingerd enabled in inetd.conf. And if he wasn't running fingerd with the -s? Does the -s option work? When did you last actually test it? Not before before reading this reply!!!! If you had, judging by your "rem note" we would have all heard about it. Or do you actually believe there aren't any bugs in FreeBSD? But of course not, as we all know 2.1.6 didn't fix anything in 2.1.5 it was perfffffffffffect just like 1.0 A direct quote from the FreeBSD Man Page for Fingerd: If the line is null (i.e. just a <CRLF> is sent) then finger returns a ``default report" report that lists all people logged into the system at that moment. By doing this several times over a period of days logging the results (a cron perl script, logging to a file) do you think they would be able to get list of users?? > The easiest way to build a list is just call up and ask for a shell > account. > Then use a little perl script to extract names from >/etc/passwd. Right!!!!! Call Australia from New York and ask for a dial-up shell account. "Hi my name is junkmail from easyway.net and I'm calling from New York. I would like to apply for a dial-up shell account. Consider the reply "sorry but we don't offer shell accounts." ->'How now brown cow'? And as we all know there's only a "few hundred thousand dial-up ip providers in the world, so this won;t cost too much if they all say yes". Besides why would anyone ever question some one from New York wanting a dial-up account in Australia, Japan, Hong Kong, Korea, etc. But Hey You Could Try This->'The dial-up service here is so bad and I get lots of free air miles credits from my long distance phone company. Do you have air miles?' Maybe it will work. Plus giving out shell accounts isn't bad, since everyone is so honest what possible harm could it cause? Why I just can't wait to sign up more. That extra $10 a month is worth it Doug Woodward IntraServe Technologies Inc. New Westminster, B.C. Canada Email: dwoodward@intraserve.com Phone: (604) 521-0033 Fax: (604) 521-0403
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702020052.QAA20768>