The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #244 [Re: Ernie] (1 message, 676 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/244.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: Theodore Ts'o <tytso@athena.mit.edu>
To: phage
Date: Thu 13:11:37 10/11/1988 EST
Subject: Re: Ernie
References: [Thread Prev: 242] [Thread Next: 245] [Message Prev: 243] [Message Next: 245]

   Date: Thu, 10 Nov 88 12:27:36 EST
   From: rsalz@pineapple.bbn.com

   Don't the folks at UCB have the running program,
   or did RTMjr remove it ASAP?

An article in the NYT (i think) said that it was a red herring.  Given
the accuracy of media reports regarding the whole thing, who knows?
Especially since there was another news report that he saw the results
from his monitoring program got panicky, and told his friend to post the
anonymous message to tcp-ip.

However, upon closer examination (sparked by Chris Torek's remark that
he didn't think it would work)  the code does nothing; it's either
missing a connect(), or the socket should have been a SOCK_DGRAM.  The
other alternative is that it could really be a red herring instead of a
bug.  Unless the author tells us, we may never know for sure.

						- Ted

END OF DOCUMENT