Date: Sat, 01 Feb 97 16:50:52 -0500 From: <dwoodward@intraserve.com> To: Bradley Dunn <bradley@dunn.org> Cc: "freebsd-isp@freebsd.org" <freebsd-isp@freebsd.org> Subject: Re: Spam from rival Message-ID: <199702020052.QAA20768@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
-------- REPLY, Original message follows --------
> Date: Thursday, 30-Jan-97 07:28 PM
>
> From: Bradley Dunn \ Internet: (bradley@dunn.org)
> Subject: Re: Spam from rival
>
> On Thu, 30 Jan 1997 dwoodward@intraserve.com wrote:
>
> > You may have allowed them to obtain most of your client's email
> > addresses list by leaving in.fingerd in your inetd.conf file!
>
>
> This is FreeBSD. It is just fingerd. No in. prefix.
> > I suggest you:
> >
> > A) "rem" it out of inetd.conf or
> Rem? Isn't that a band? If one wants to turn off a service, one
comments it out
> with an # (hash).
Do you think the person who sent in the original message is stupid? Or
perhaps he is smart enough to realize that the "rem" quote was a figure
of written speech and he really does know how to remove something from
his inetd.conf. Really, a # sign you say? Truly amazing->'Thanks Boy
Wonder'
> > B) use tcpd and block access via /etc/hosts.deny to all but
"trusted"
> > domains or.
> > C) Filter TCP port 79 at your router.
> >
> > Remember the key question is: How did they get your client's
addresses?
> > The Finger daemon is your most likely cause.
> >
> > Try: finger @clari.net.au and see what you get.
>
>
> I got the standard "must provide username". FreeBSD ships with the -s
option to
> fingerd enabled in inetd.conf.
And if he wasn't running fingerd with the -s? Does the -s option work?
When did you last actually test it? Not before before reading this
reply!!!! If you had, judging by your "rem note" we would have all heard
about it. Or do you actually believe there aren't any bugs in FreeBSD?
But of course not, as we all know 2.1.6 didn't fix anything in 2.1.5 it
was perfffffffffffect just like 1.0
A direct quote from the FreeBSD Man Page for Fingerd:
If the line is null (i.e. just a <CRLF> is sent) then finger
returns a ``default report" report that lists all people logged
into the system at that moment.
By doing this several times over a period of days logging the results (a
cron perl script, logging to a file) do you think they would be able to
get list of users??
> The easiest way to build a list is just call up and ask for a shell
> account. > Then use a little perl script to extract names from
>/etc/passwd.
Right!!!!! Call Australia from New York and ask for a dial-up shell
account.
"Hi my name is junkmail from easyway.net and I'm calling from New York.
I would like to apply for a dial-up shell account.
Consider the reply "sorry but we don't offer shell accounts." ->'How now
brown cow'?
And as we all know there's only a "few hundred thousand dial-up ip
providers in the world, so this won;t cost too much if they all say
yes". Besides why would anyone ever question some one from New York
wanting a dial-up account in Australia, Japan, Hong Kong, Korea, etc.
But Hey You Could Try This->'The dial-up service here is so bad and I
get lots of free air miles credits from my long distance phone company.
Do you have air miles?' Maybe it will work.
Plus giving out shell accounts isn't bad, since everyone is so honest
what possible harm could it cause? Why I just can't wait to sign up
more. That extra $10 a month is worth it
Doug Woodward
IntraServe Technologies Inc.
New Westminster, B.C. Canada
Email: dwoodward@intraserve.com
Phone: (604) 521-0033
Fax: (604) 521-0403
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702020052.QAA20768>