[8504] in bugtraq
Administrivia
daemon@ATHENA.MIT.EDU (Aleph One)
Wed Nov 11 15:11:55 1998
Date: Wed, 11 Nov 1998 11:42:06 -0600
Reply-To: Aleph One <aleph1@DFW.NET>
From: Aleph One <aleph1@DFW.NET>
To: BUGTRAQ@NETSPACE.ORG
I am killing the FoolProof thread. To many posts with to many ideas of how
to get past the thing. Maybe someone will write a comprehensive article on
the thing and be done with it.
I am killing the tcpd -DPARANOID thread. DJB, with his usual candor, is
correct in as much as the option does not stop the mentioned attack
against the r-services. Nonethless, the point is fairly moot as there
exist many other attacks against the same services.
Repeat after me, "IP address and host name based authentication without
cryptographic controls is bad".
In other news, BugTraq past is 26000 subscriber some time ago.
Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
