Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How was the majordomo bug found ?

From: vds7789 () aw101 iasl ca boeing com (Vincent D. Skahan)
Date: Thu, 9 Jun 1994 14:15:03 -0700 (PDT)

(Brent Chapman writes:)

I first heard about it Monday evening at 5pm.  I don't have any idea
how long the crackers have known about the problem.  I received a copy
of one of the exploit scripts from someone who I won't name (though
they should feel free to name themselves, if they'd like; I know
they're reading this, and I appreciate their work).


Yeah, I appreciate it too.

I suppose I'm curious if:
        - one of the 'bad guys' "dropped a dime" on one of his pals 
        - somebody bled over the source code who had enough experience 
                reading the code in that language to see a problem.
        - somebody had some proactive monitoring in place that we all should
                know about and implement.

The message as I recall it from John said that the holes WERE being actively
exploited.  How did he positively know that ?  

Knowing how to prevent holes is important.
Making known holes (and fixes/workarounds) known is important.
Knowing how to look for evidence of break-ins is important too.

I guess the real questions I was asking were more along the lines of:

        "how did he know that the holes were being exploited?"

        "assuming it was through some monitoring, how'd he do that
        monitoring to identify the use of the holes?"

-- 
 ----------- Vince Skahan ------ vds7789 () aw101 iasl ca boeing com -----------
 "All mammals have hair.  Whales are mammals.  Therefore whales have hair."
 "Shave the whales."
                                                         -Dogbert
Previous By Date Next
Previous By Thread Next

Current thread: