From owner-freebsd-questions Wed Jul 29 01:34:58 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA11731 for freebsd-questions-outgoing; Wed, 29 Jul 1998 01:34:58 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from lucy.bedford.net (lucy.bedford.net [206.99.145.54]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA11723 for ; Wed, 29 Jul 1998 01:34:53 -0700 (PDT) (envelope-from listread@lucy.bedford.net) Received: (from listread@localhost) by lucy.bedford.net (8.8.8/8.8.8) id EAA26010 for freebsd-questions@freebsd.org; Wed, 29 Jul 1998 04:34:22 -0400 (EDT) (envelope-from listread) Message-Id: <199807290834.EAA26010@lucy.bedford.net> Subject: Re: version 2.1.0 and a hacker I can't keep out In-Reply-To: from Sascha Schumann at "Jul 29, 98 07:54:09 am" To: freebsd-questions@FreeBSD.ORG Date: Wed, 29 Jul 1998 04:34:22 -0400 (EDT) X-no-archive: yes Reply-to: djv@bedford.net From: CyberPeasant X-Mailer: ELM [version 2.4ME+ PL38 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Sascha Schumann wrote > On Wed, 29 Jul 1998, CyberPeasant wrote: > > > Looks like a dialup account. Is it always the same IPA? Might > > be spoofed. > > A script kiddie which spoofes a TCP stream. Thats very unlikely ;) Agree. Or an experienced operator who wants to look like a lamer... "A wilderness of mirrors" > We are running qpopper (really nice prog, btw) and I tried the buffer > overflow once on my machine... one command and I had root access. Yup. > > a) Get the latest qpopper port, and build it from source. > > Whats this thing with the ports? This has always the disadvantage of > being (perhaps) outdated. Go to ftp://ftp.qualcomm.com directly and grab > version 2.53. Well, perhaps the original dave is unfamiliar with that. I also assumed that somebody would have updated the official port, which is in fact the case: (from ftp.freebsd.org/pub/FreeBSD/ports/mail/popper:) DISTNAME= qpopper2.53 PKGNAME= qpopper-2.53 CATEGORIES= mail MASTER_SITES= ftp://ftp.qualcomm.com/eudora/servers/unix/popper/ EXTRACT_SUFX= .tar.Z Moreover, there are 10 patch files in the port, some of which are more than just fixing up Makefile. > > b) In conjunction with law enforcement and her ISP, prosecute > > the intruder. law enforcement = FBI, probably. Make her squeal. > > script kiddie == biggest enemy on earth? Calm down plz ;) No, but: a) Putting the Feds on them keeps the Feds busy, and keeps them from dreaming up new schemes about tapping my phone and reading my email. b) The script kid can do a lot of damage, even though he's lame. He has the ability to ruin things far beyond his skill level should allow. He is an idiot armed with a cannon. Under many US state laws, doing deliberate vandalism above a fairly low amount ($500?), is a felony -- a serious crime. I'm sure the kind of thorough audit that needs to be performed after a crack-attack, and refunds made to customers because of downtime, etc etc, can quickly add up to that amount. c) Children need to learn that when they mess up, they should expect a spanking. d) They piss me off. :) Dave -- "Today, machines sit on our desks and spend the overwhelming majority of their cycles doing nothing more important than blinking a cursor." --William Dickens http://www.feedmag.com/html/feedline/98.07dickens/98.07dickens_master.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message