[10055] in Commercialization & Privatization of the Internet
Re: If Orson Welles were only alive...
daemon@ATHENA.MIT.EDU (John Hawkinson)
Sat Feb 5 07:41:54 1994
From: John Hawkinson <jhawk@panix.com>
To: bzs@world.std.com (Barry Shein)
Date: Sat, 5 Feb 1994 07:41:18 -0500 (EST)
Cc: karl@mcs.com, com-priv@psi.com
In-Reply-To: <199402050637.AA04858@world.std.com> from "Barry Shein" at Feb 5, 94 01:37:32 am
> Date: Sat, 5 Feb 1994 01:37:32 -0500
Wow, go to bed early and miss the debate :-)
> From: bzs@world.std.com (Barry Shein)
> >From: karl@mcs.com (Karl Denninger)
> >2) Form a mailing list of <real> admins to discuss issues, including
> > break-ins in process.
>
> This is a good idea. I agree that CERT is not the appropriate venue
> for actual security problems other than copying them a summary note
> from time to time.
Of course, this is not a new idea. Scott Chasin, <chasin@crimelab.com>,
started a list late last year called ``bugtraq'' (<bugtraq@crimelab.com>;
send a message saying ``subscribe bugtraq'' to bugtraq-request@crimelab.com).
Of course, it seems that due to crimelab.com being down since December
and only back in the last week, the list has been somewhat silent lately.
In any event, the important difference between bugtraq and Karl's
model is that it doesn't require you to _be_ anyone to read it. YMMV.
Description:
} What is this list about?
}
} This list is for *detailed* discussion of UNIX security holes: what
} they are, how to exploit, and what to do to fix them.
}
} This list is not intended to be about cracking systems or exploiting
} their vunerabilities. It is about defining, recognizing, and preventing use
} of security holes and risks.
}
} Everything submitted to the list is archived and is available to the
} public. Simply send a message to bugtraq-request@crimelab.com with the
} subject of "archive".
}
}
} Remember: YOYOW.
}
} You own your own words. This means that you are responsible for the
} words that you post on this list and that reproduction of those words without
} your permission in any medium outside the distribution of this list may be
} challenged by you, the author.
}
The other thing worth noting is that much security-related discussion
goes on on the firewalls mailing list, <firewalls@greatcircle.com>.
While most of the security discussion that goes on there is
inappropriate to the topic (and drives Brent up the wall), it is
nevertheless useful.
> I am familiar with the problem alluded to in the CERT advisory
> regarding /dev/nit and trapping telnet etc. I informed CERT of the MO
> involved on July 10th, 1993, 7 months ago. So what happened in the
> interim? Not much, other then "tens of thousands" of sites got cracked.
Well, remember us? We were cracked by a /dev/nit sniffer in
mid-October. We publically announced it to the net, as we felt was our
duty (though against CERT's recommendations, etc., etc.). We got tons of
e-mail from admins saying that they'd been affected by this too.
Lastly, of course, removing /dev/nit doesn't mean you're safe. ``They''
can always use loadable kernel modules, or other forms of hackery to
acheive interface promiscuity.
--
John Hawkinson
jhawk@panix.com
