ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #132 [Re: some points to make with the media] (1 message, 890 bytes)
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: email@example.com (Don Speck)
Date: Sun 23:36:17 06/11/1988 EST
Subject: Re: some points to make with the media
References: [Thread Prev: 403] [Thread Next: 161] [Message Prev: 082] [Message Next: 084]
> [Erik Fair:] 5. The Internet is basically back on-line now. The size of my SMTP queue says that it isn't. Of course, it doesn't help that JPL dumped their sendmail queue onto mine (with uucp). JPL disconnected Wednesday night and I hear that they'll be off the air for another day. But they even disconnected for Labor Day weekend. > [Doug Comer:] (an analogy: even if I leave > my office door open, ransacking my office is still unethical/illegal. I thought everyone agreed that nothing was ransacked. What puzzles me is that this vax and its twin were not affected. They're still wide open. /usr/lib/sendmail is on a filesystem mounted readonly (dual-ported) so I can't fix it without bringing both vaxen down. (/usr/tmp is a symlink, of course). They're near the top of the /etc/hosts of an infected vax that they both list in /etc/hosts.equiv and /.rhosts. Still, nothing. How could it pass up a hostname like cit-tingduck?. What stopped it? Are you SURE that the worm doesn't try to write something on /usr? Please don't tell me that I have to decompile this myself to find out. Does the official decompilation compile down to the exact same binary?
END OF DOCUMENT
|ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved.|