Bugtraq mailing list archives

Re: chroot'ed environment?


From: oea!owner-bugtraq () oea xs4all nl (oea!owner-bugtraq () oea xs4all nl)
Date: Thu, 20 Apr 1995 01:31:08 +0200


From fc.net!owner-bugtraq Sat Apr 08 17:39:24 1995 remote from oea
Date: Fri, 7 Apr 1995 14:14:26 -0400
From: Jonathan Stott <jstott () poly phys cwru edu>
Message-Id: <199504071814.OAA06417 () poly phys cwru edu>
To: cklaus () iss net
Subject: Re:  SATAN ATTACKS EVERYWHERE
Cc: bugtraq () fc net
Sender: owner-bugtraq () fc net
Precedence: bulk
Sender:    Ahmed M. Naas <ahmed () oea xs4all nl>

> 1. It is HUGE.  It eats up tons of disk and ram space. [...]

You don't need to load the whole thing to run the scan (see below).  Its
disk space requirements are proportional to the number of hosts you plan on
scanning.

> 2. It requires installing other packages like perl.  Most hackers aren't
> able to run anything unless it's a no brainer script.  "Gee the bad thing
> is we've been hacked and someone used SATAN, the good thing is that we
> got perl5 and a web browser installed."

Fortunately:-)

> 3. Since you have to use a web browser, you have to either run SATAN from
> the console (umm, really stupid hacker scanning from his own machine) or
> redirect the X Display to his own machine (still really stupid). [...]

You don't need a web browser to run the scan, the command line works
just fine.  For example
  satan -a 2 somehost
will run a 'heavy' scan against somehost without going through the
browser.  The browser becomes really handy when you want to view the
results (but even so, it's not essential - you could make do with just grep
if you were really stuck).

-JS

From fc.net!owner-bugtraq Sat Apr 08 17:39:25 1995 remote from oea
From: forsythe () fiji oc nps navy mil (Carl R. Forsythe)
Message-Id: <9504071723.AA04175 () fiji oc nps navy mil>
Subject: Re: Technical Observations on SATAN: Issue: VMS and TCP/IP
To: bugtraq () fc net
Date: Fri, 7 Apr 1995 10:23:58 -0700 (PDT)
In-Reply-To: <Pine.3.88.9504061647.C17974-0100000 () wu1 wl aecl ca> from "Software Test Account" at Apr 6, 95 04:22:54 
pm
X-Mailer: ELM [version 2.4 PL23]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1404      
Sender: owner-bugtraq () fc net
Precedence: bulk

According to Software Test Account:

> On Thu, 6 Apr 1995, Wietse Venema wrote:
>
> For some reason when I test SATAN against VMS systems running either UCX or
> Wollongong TCP/IP stacks the systems crash.
>
> This seems to be true for the heavy test only.  Other potentially
> coincidental events include:
>       1.  First test on a given node; when system reboots and a test
>           is again performed a successful test seems to be made.
>       2.  The first test uses the FQDN and the second test uses the
>           IP address.
>
> I have no idea where to look? The crash logs do not reveal anything helpful.
> A message coming from SATAN says:
>       bin/udp_scan: are we talking to a dead host or network?
>
> NOTE: The hosts were most certainly alive prior to the test.



We noticed the same thing with one of our VMS nodes that happened to 
have SATAN hit it in heavy mode. Since I am not the VMS admin I am not
sure of all the details other than the fact that the machine rebooted when
it was scanned with a heavy scan....I will forward for info as I find
it.....

-Carl

-- 
=================================================================
 Carl R. Forsythe  System Administrator, Oceanography Department 
      NPGS Monterey, CA. E-Mail: forsythe () oc nps navy mil           
          PGP Version 2.6.2 key available on request
=================================================================

From fc.net!owner-bugtraq Sat Apr 08 17:39:25 1995 remote from oea
Date: Fri, 7 Apr 1995 11:57:47 -0500 (CDT)
From: "David R. Sears" <sears () eglin af mil>
Subject: Problem with SATAN/VMS 
To: wietse () wzv win tue nl
Cc: bugtraq () fc net
Message-Id: <Pine.3.89.9504071117.E20707-0100000 () merlin eglin af mil>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-bugtraq () fc net
Precedence: bulk


The bourne shell script 'rsh.satan' falsely reports a vulnerability on 
hosts that are running DEC VMS 6.1  This is because the OS sends the 
following message to standard output:

        UCX$RSHD - Permission denied - host IP addr

To fix, just add a test for the above string to the 'if $TEST -s 
"$tmp_file"' test in 'rsh.satan'.


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

David R. Sears                          sears () merlin eglin af mil
96 CCSG/SCTXL                           (904) 882-2678
Eglin AFB, FL 32542                     DSN   872-2678

... Any resemblance between the above views and those of my employer,
my terminal, or the view out my window are purely coincidental.  Any
resemblance between the above and my own views is non-deterministic.
The question of the existence of views in the absence of anyone to hold
them is left as an exercise for the reader.  The question of the
existence of the reader is left as an exercise for the second god
coefficient.  (A discussion of non-orthogonal, non-integral polytheism
is beyond the scope of this article.)

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

From gorgan.mti.sgi.com!anoosh Sat Apr 08 17:39:27 1995 remote from oea
From: "Anoosh Hosseini" <anoosh () gorgan mti sgi com>
Message-Id: <9504071848.ZM21017 () gorgan mti sgi com>
Date: Fri, 7 Apr 1995 18:48:47 -0700
In-Reply-To: Nicholas Heer <heer () u washington edu>
        "ISO8859-6 -> ISIRI-3342 (fwd)" (Apr  7,  3:56pm)
References: <Pine.OSF.3.91a.950407154703.13105B-100000 () saul3 u washington edu>
X-Mailer: Z-Mail (3.2.0 26oct94 MediaMail)
To: Nicholas Heer <heer () u washington edu>
Subject: Re: ISO8859-6 -> ISIRI-3342 (fwd)
Cc: reader <reader () rama poly edu>, ITISALAT <ITISALAT () GUVM CCF GEORGETOWN EDU>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii

On Apr 7,  3:56pm, Nicholas Heer wrote:
> Subject: ISO8859-6 -> ISIRI-3342 (fwd)
> Anoosh,
>
>       Where can I get a copy of the ISIRI-3342 code page?  I've already
> looked at tehran.stanford.edu.  Has this code page supplanted the iscii
> code page?  Is there a Persianization program that could load this code
> page into my computer in the same way Arabic DOS and Sakhr can load Arabic
> code pages?  I don't want a word processor just a code page with screen
> fonts that I could use with an editor or use to read Persian texts on
> line.
>
>                                       Nicholas

I would be glad to Mail anyone the English spec. Yes ISIRI-3342 has replaced
ISCII. As to whether everyone over there uses ISIRI-3342, that is another
story.  The producers of Persian DOS and  Sakr equivalents use their own
encoding which only they support. In fact there are about as many encodings
as there are major Persian software companies. In a few weeks I will have a
Windows viewer for ISIRI-3342 since I assume you wanted a PC solution.

regards

-anoosh


From fc.net!owner-bugtraq Sun Apr 09 00:40:17 1995 remote from oea
From: afx () ibm de (Andreas Siegert)
Message-Id: <9504072150.AA21930@barolo>
Subject: Re: Problem with SATAN/VMS
To: sears () eglin af mil (David R. Sears)
Date: Fri, 7 Apr 1995 23:50:55 +0200 (CEST)
Cc: wietse () wzv win tue nl, bugtraq () fc net
In-Reply-To: <Pine.3.89.9504071117.E20707-0100000 () merlin eglin af mil> from "David R. Sears" at Apr 7, 95 11:57:47 am
X-Organisation:  EMEA AIX Security CoC / AIX ATG IBM Germany
X-Address:       Anzinger Strasse 29, 81617 Muenchen, Germany
X-Phone:         +49-89-4504-4509 (internal 945-4509), Fax -4233
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Content-Length: 701       
Sender: owner-bugtraq () fc net
Precedence: bulk

SATAN on AIX has a similar problem.
AIX emits a permission denied that the simple test (test -s) doesn't catch

> The bourne shell script 'rsh.satan' falsely reports a vulnerability on
> hosts that are running DEC VMS 6.1  This is because the OS sends the
> following message to standard output:
>
>       UCX$RSHD - Permission denied - host IP addr
>
> To fix, just add a test for the above string to the 'if $TEST -s
> "$tmp_file"' test in 'rsh.satan'.



-- 
Andreas Siegert       afx () ibm de / afx () barolo ak munich ibm com / AFX at IPNET
Every time we've moved ahead in IBM, it was because someone was willing to take
a chance, put his head on the block, and try something new - Thomas Watson, Jr.
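
[Added example, not part of the original messages and not the real rsh.satan source: a sketch of the false positive reported above for VMS and AIX, with the size-only check next to one that discards refusal banners first. Function names and sample captures are constructed; only the UCX$RSHD banner text comes from the thread, and the AIX wording is an assumption.]

```shell
#!/bin/sh
# Added illustration, not the real rsh.satan source. Function names and
# sample captures are constructed for this example.

# Size-only check, as in 'if $TEST -s "$tmp_file"': any output is a finding.
naive_check() {
    if [ -s "$1" ]; then echo flagged; else echo clean; fi
}

# Hardened check: drop refusal banners, then require that some non-blank
# output remains before reporting the host.
hardened_check() {
    if [ ! -s "$1" ]; then
        echo clean
        return 0
    fi
    if grep -v -i -e 'permission.*denied' "$1" | grep '[^[:space:]]' >/dev/null
    then
        echo flagged
    else
        echo clean
    fi
}

# Write constructed sample captures into directory $1.
make_samples() {
    dir=$1
    # Banner quoted in the thread for DEC VMS 6.1 (address text is a placeholder).
    printf '%s\n' 'UCX$RSHD - Permission denied - host IP addr' > "$dir/vms.out"
    # Assumed wording: the thread says AIX emits a refusal but does not quote it.
    printf '%s\n' 'rshd: Permission denied.' > "$dir/aix.out"
    # Constructed stand-in for output of a command that really ran remotely.
    printf '%s\n' 'bin' 'etc' 'usr' > "$dir/real.out"
    # Banner followed by real output: must still be reported.
    printf '%s\n' 'Permission denied on /etc/motd' 'bin' > "$dir/mixed.out"
    # Connection refused or timed out: nothing captured.
    : > "$dir/empty.out"
}

# Demo: compare both checks on every sample.
demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for name in vms aix real mixed empty; do
    f="$demo_dir/$name.out"
    printf '%-6s naive=%-8s hardened=%s\n' "$name" \
        "$(naive_check "$f")" "$(hardened_check "$f")"
done
rm -rf "$demo_dir"
```
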

From fc.net!owner-bugtraq Sun Apr 09 00:40:19 1995 remote from oea
From: cbaltzer () anjura com (Baltzer, Craig)
To: bugtraq () fc net (bugtraq)
Message-Id: <1995Apr07.211200.1043.14638 () dc anjura com>
X-Mailer: Microsoft Mail via PostalUnion/SMTP for Windows NT
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Organization: Anjura Technology Corporation, Ottawa, Ontario
Date: Fri, 07 Apr 1995 21:16:26 -0600
Subject: All.Net's security testing service
Sender: owner-bugtraq () fc net
Precedence: bulk


Anyone tried running this against a non-UNIX box?? I ran it against one of 
our NT boxes. It generated an email message over 30MB (prob. more, but I 
killed it at 30MB) as a report...

Craig



=======================================================
Craig Baltzer                EMail: cbaltzer () anjura com
Anjura Technology Corp       Phone: (613) 727-1411
Ottawa, Ontario (Canada)     FAX  : (613) 727-1412
=======================================================

From vger.rutgers.edu!owner-linux-ibcs2 Sun Apr 09 00:40:20 1995 remote from oea
Message-Id: <199504080715.QAA04724 () mustang sdc com au>
From: "Stephen Davies" <scldad () sdc com au>
Subject: Getting closer (?)
To: linux-ibcs2 () vger rutgers edu
Date: Sat, 8 Apr 95 16:45:37 +0930
Encoding:  53 TEXT , 4 TEXT 
Sender: owner-linux-ibcs2 () vger rutgers edu
Precedence: bulk

I have built ibcs-pre1.2-950308.tar.gz and successfully run the SVR4 program
that installs my package. I cannot, however, get the package itself to run.

This may be insufficient memory but hopefully the attached trace will pin
down the cause.

In case it helps, the code was built on Dell UNIX System V.4 - x32.

Thanks,
Stephen

<6>iBCS: devtrace registered on character major 31
<7>iBCS: trace code set to 0xffffeff
<7>[194]4692 trace returns 268435199 {273}
<7>COFF: exec /d2/mstat
<7>COFF: bad filehdr magic
<7>COFF: binfmt_coff: result = -8
<7>XOUT: binfmt_xout entry: /d2/mstat
<7>XOUT: bad magic 0a3a
<7>[195]4694 open("/dev/zero", 00, 01166740)
<7>[195]4694 open returns 3 {1342297932}
<7>[196]4694 mmap(0x0, 0x1000, 0x3, 0x2, 3, 0x0)
<7>[196]4694 mmap returns 1342320640 {0}
<7>[197]4694 close(3)
<7>[197]4694 close returns 0 {3}
<7>[198]4694 mprotect(0x50000000, 116540, 0x7)
<7>[198]4694 mprotect returns 0 {576}
<7>[199]4694 mprotect(0x8048000, 75073, 0x7)
<7>[199]4694 mprotect returns 0 {75073}
<7>[200]4694 getuid()
<7>[200]4694 getuid returns 200 {200}
<7>[201]4694 getgid()
<7>[201]4694 getgid returns 200 {200}
<7>[202]4694 open("/d2/lib/libcrlib.so", 00, 012000352010)
<7>[202]4694 open returns 3 {1342321091}
<7>[203]4694 open("/dev/zero", 00, 012000352010)
<7>[203]4694 open returns 4 {1342321091}
<7>[204]4694 read(3, 0xbfffe794, 4096)
<7>[204]4694 read returns 4096 {1342321091}
<7>[205]4694 mmap(0x0, 0xb2ba4, 0x7, 0x2, 3, 0x0)
<7>[205]4694 mmap returns 1342324736 {0}
<7>[206]4694 mmap(0x500d7000, 0x6c54, 0x7, 0x12, 3, 0xb2000)
<7>[206]4694 mmap returns 1343057920 {1343057920}
<7>[207]4694 mmap(0x500de000, 0xa100, 0x7, 0x12, 4, 0x0)
<7>[207]4694 mmap returns 1343086592 {41216}
<7>[208]4694 close(4)
<7>[208]4694 close returns 0 {41216}
<7>[209]4694 close(3)
<7>[209]4694 close returns 0 {41216}
<7>[210]4695 trace(-1)
<7>[210]4695 trace returns 268435199 {1652}
<7>[211]4695 trace(0)
<7>iBCS: trace code set to 0x0

========================================================================
Stephen Davies Consulting                              scldad () sdc com au
Adelaide, South Australia.                           Voice: 61-8-2728863
Computing & Network solutions.                       Fax  : 61-8-2741015

From fc.net!owner-bugtraq Sun Apr 09 00:40:20 1995 remote from oea
Date: Sat, 8 Apr 1995 12:33:07 +0800 (HKT)
From: "Cenon B.C. Marana Jr." <bonn () durian usc edu ph>
To: lenex <lenex () psyber com>
Cc: bugtraq () fc net
Subject: Re: Shadowed PW file under Linux
In-Reply-To: <199504070543.WAA11406 () jasmine psyber com>
Message-Id: <Pine.OSF.3.91.950408123103.6486B-100000 () durian usc edu ph>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-bugtraq () fc net
Precedence: bulk

On Thu, 6 Apr 1995, lenex wrote:

> Hello All!
>
> Could someone recommend a good tool for shadowing the PW file under Linux?
> This will be my first time setting one up so if you have a Howto that would
> also be much appreciated.

Me too.. how about for OSF/1? or is there a good/recommended tool for 
such?

Many thanks.


Bonn
:)


From fc.net!owner-bugtraq Sun Apr 09 00:40:21 1995 remote from oea
From: pevrul () bilkent edu tr (Pevrul Sahin)
Message-Id: <199504080832.AA21470 () biber bcc bilkent edu tr>
Subject: sub
To: bugtraq () crimelab com
Date: Sat, 8 Apr 1995 12:32:23 +0400 (EET DST)
X-Mailer: ELM [version 2.4 PL24]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 353       
Sender: owner-bugtraq () fc net
Precedence: bulk

Please put me on the BUGTRAQ mailing list
Thank you
-- 
                                        _               
                                P E V R U L
                                 
                                Bilkent University
                                Bilkent Computer Center
                                pevrul () bilkent edu tr

From eesun2.tamu.edu!iskandar Sun Apr 09 00:40:24 1995 remote from oea
Date: Sat, 8 Apr 1995 11:59:07 -0500 (CDT)
From: Alexandre Khalil <iskandar () eesun1 tamu edu>
X-Sender: iskandar () eesun2 tamu edu
To: Arabic script mailing list <reader () rama poly edu>
Cc: NCC%SAKACS00 () GUVM CCF GEORGETOWN EDU
Subject: Forwarded mail.... (fwd)
Message-Id: <Pine.SOL.3.90.950408115755.5247F-100000 () eesun2 tamu edu>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII



---------- Forwarded message ---------- 
Date: Sat, 8 Apr 1995 09:50:05 -0400
From:NCC.at.SAKACS00 () GUVM CCF GEORGETOWN EDU
To: ITISALAT () GUVM CCF GEORGETOWN EDU, at () GUVM CCF GEORGETOWN EDU,
    GUVM () GUVM CCF GEORGETOWN EDU
Subject:


    Infabs product surveys and documents work in the area of informatics
  in the region (Saudi and Gulf area). First version cited all papers
  published through the National Computer Conferences (14 conferences
  till now) which is about 600 papers in both Arabic and English.
  Each entry in this work shows full bibliographic information including
  title, subject, author(s), abstract and list of descriptives.
  For more info please contact:

      Chip Computer Services
      P. O. Box 51176, Riyadh 11543
      Saudi Arabia
      Tel:  (011966 1) 465-5353
      Fax:  (011966 1) 464-1442


From fc.net!owner-bugtraq Mon Apr 10 03:07:38 1995 remote from oea
Date: Sun, 9 Apr 1995 04:07:05 -0700 (PDT)
From: Charles Howes <chowes () helix net>
To: Michael Shields <shields () tembel org>
Cc: bugtraq () fc net
Subject: Re: All.Net's security testing service
In-Reply-To: <m0rxeue-000DJtC () yage tembel org>
Message-Id: <Pine.SUN.3.91.950409040549.2747D-100000 () trance helix net>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-bugtraq () fc net
Precedence: bulk

On Sat, 8 Apr 1995, Michael Shields wrote:

  You're allowed to run it only once, since crackers have been abusing it.

If you run it, it reports some holes, and you make some changes that
should fix them, shouldn't you be able to run it again to make sure your
system is now clean?

Well, it is a tradeoff.

--
Charles Howes -- chowes () helix net
 Always tell the truth, then you make it the other bloke's problem! 
 - Sean Connery, 1971   


