From owner-freebsd-chat Wed Dec 25 03:02:55 1996 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id DAA05492 for chat-outgoing; Wed, 25 Dec 1996 03:02:55 -0800 (PST) Received: from time.cdrom.com (root@time.cdrom.com [204.216.27.226]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id DAA05446; Wed, 25 Dec 1996 03:02:00 -0800 (PST) Received: from time.cdrom.com (jkh@localhost [127.0.0.1]) by time.cdrom.com (8.8.4/8.6.9) with ESMTP id DAA15345; Wed, 25 Dec 1996 03:01:53 -0800 (PST) To: Aleph One cc: freebsd-core@freebsd.org, freebsd-chat@freebsd.org, freebsd-questions@freebsd.org Subject: Re: IP Filtering to www.freebsd.org In-reply-to: Your message of "Tue, 24 Dec 1996 23:15:43 CST." Date: Wed, 25 Dec 1996 03:01:53 -0800 Message-ID: <15340.851511713@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-chat@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > I have come across some disturbing information. It seem that FreeBSD > project is filtering IP packets comming from the OpenBSD project. In > particular access from 199.185.137.*, and maybe 199.185.136.*, to > www.freebsd.org. If this is true it marks a very low point on the history > of FreeBSD. This was started well over 3 months ago and is old old news. I fail to understand how this could only suddenly "come to light" for anyone involved with either project, we being very open indeed about it at the time (just search our mailing list archives for freebsd-hackers with Theo as the keyword). We were forced to filter the OpenBSD project because the same hosts and/or IP address range that it uses were also used in repeated attacks against the FreeBSD project's mailing lists and development machines by Theo Deraadt, who actually owns the network in question. These were not covert attacks, they were very open and Theo sent personal mail to several core members threatening to escalate them with the aid of (quote) "his cracker friends." It was at this stage that we added filtering, to try and block (in one small way) such attempts. When the OpenBSD project decides to have someone less criminally inclined as its representative, we'll be happy to discuss this with them. Until then, the man has shown himself unable to exercise a degree of self-restraint which would be consistent with someone of his age and responsibilities, and if he insists on behaving like a 14 year- old cracker then he will obviously be treated as such. It is simply unfortunate in the extreme that he chose to use machines on the same network to conduct his attacks (also misusing a machine at MIT for that purpose, for which its admins were not amused), and has done the OpenBSD project a grave disservice in doing so. We have taken, I believe, only the most appropriate steps to defend ourselves from Theo's juvenile behavior and will continue to do so. > If the project is to succeed its in the basis of its quality, support, > and technical merits, and not by means of cheap tricks. Anyone wish to > comment? This is no "cheap trick", this is self-defense, plain and simple. I only regret that such defense against a "leading light" in the software community is necessary at all. Trust me folks, we have ample documentation for the claims I make above and if you'd like a second opinion, just ask the NetBSD project why it does precisely the same thing with packets from Theo's network. The list of people singularly unimpressed with Theo's behavior in the past and with great reason to distrust it in the future is long indeed. I can only suggest that the OpenBSD project find a more credible representatitive, and if you choose Kevin Mitnick as your best man then you probably shouldn't be too surprised if the FBI shows up at your wedding. Jordan