[3438] in bugtraq
Poorly setup news servers
daemon@ATHENA.MIT.EDU (Alan Brown)
Sat Oct 12 17:21:08 1996
Date: Sun, 13 Oct 1996 06:33:23 +1300
Reply-To: Alan Brown <alan@manawatu.gen.nz>
From: Alan Brown <alan@manawatu.gen.nz>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <199610120257.TAA15638@liberty.eng.sun.com>
A few days ago I sent out a malformed checkgroups message to try and
get a regional hierarchy (manawatu.*) off serevrs it shouldn't be on.
It appears that a hell of a lot of people have checkgroups on autopilot
and that the message resulted in quite a few broken news servers around
the world.
Hopefully the lesson has been driven home to the admins concerned that
they shouldn't be blindly accepting and acting on checkgroups from
j.random.netID, but the usual reaction has been hatemail.
If you admin a news machine, please pull that hierarchy. We're sick to
the back teeth of being spammed and I'm now autocancelling anything
xposted to our hierarchy which comes from outside the area and doesn't
reference a local message-ID (to cater for the few times when a local
user crossposts widely).
Additionally, if you admin a machine, make sure that unless you know who a
checkgroups comes from, it isn't automatically actioned. On news sites I
admin, even when I do know who they come from, the final step of the
checkgroups prodcedure - actual group creation/deletion is always passed
thru the news admin as a mailed sh script. It's all too easy to forge a
message from tale nuking most of the big-8 for instance.
After all the effort that's gone into dealing with security and stability
issues with both packages, I'm surprised this buglet has passed unnoticed.
One positive result of this little adventure is that INN and Cnews should
both end up with documented ways of adding checkgroups commentary - adding
leading whitespace on the comment lines - something widespread in
checkgropus messages and easy once you see how it's done without breaking
things, but not immediately obvious.
AB
