Bugtraq mailing list archives
Re: chroot'ed environment?
From: oea!owner-bugtraq () oea xs4all nl (oea!owner-bugtraq () oea xs4all nl)
Date: Thu, 20 Apr 1995 01:31:08 +0200
From fc.net!owner-bugtraq Sat Apr 08 17:39:24 1995 remote from oea
Received: from hacktic by oea.xs4all.nl (UUPC/extended 1.12n) with UUCP for root; Sat, 08 Apr 1995 17:39:24 +0100 Received: from sprawl.fc.net by xs1.xs4all.nl with SMTP id AA05674 (5.67b/IDA-1.5 for <root () oea hacktic nl>); Sat, 8 Apr 1995 01:15:56 +0200 Received: from freeside.fc.net (freeside.fc.net [198.6.198.2]) by sprawl.fc.net (8.6.10/8.6.10) with ESMTP id NAA01213 for <bugtraq-outgoing () sprawl fc net>; Fri, 7 Apr 1995 13:11:34 -0500 Received: (from majordom@localhost) by freeside.fc.net (8.6.8.1/8.6.6) id NAA28207 for bugtraq-outgoing; Fri, 7 Apr 1995 13:13:03 -0500 Received: from poly.phys.cwru.edu (poly.PHYS.CWRU.Edu [129.22.176.4]) by freeside.fc.net (8.6.10/8.6.6) with ESMTP id NAA28196 for <bugtraq () fc net>; Fri, 7 Apr 1995 13:12:57 -0500 Received: (from jstott@localhost) by poly.phys.cwru.edu (8.6.11/8.6.11) id OAA06417; Fri, 7 Apr 1995 14:14:26 -0400 Date: Fri, 7 Apr 1995 14:14:26 -0400 From: Jonathan Stott <jstott () poly phys cwru edu> Message-Id: <199504071814.OAA06417 () poly phys cwru edu> To: cklaus () iss net Subject: Re: SATAN ATTACKS EVERYWHERE Cc: bugtraq () fc net Sender: owner-bugtraq () fc net Precedence: bulk Sender: Ahmed M. Naas <ahmed () oea xs4all nl>
1. It is HUGE. It eats up tons of disk and ram space. [...]
You don't need to load the whole thing to run the scan (see below). It's disk space requirements are proportional to the number of hosts you plan on scanning.
2. It requires installing other packages like perl. Most hackers aren't able to run anything unless it's a no brainer script. "Gee the bad thing is we've been hacked and someone used SATAN, the good thing is that we got perl5 and a web browser installed."
Fortunately:-)
3. Since you have to use a web browser, you have to either run SATAN from the console (umm, really stupid hacker scanning from his own machine) or redirect the X Display to his own machine (still really stupid). [...]
You don't need a web browser to run the scan, the command line works just fine. For example satan -a 2 somehost will run a 'heavy' scan against somehost without going through the browser. The browser becomes really handy when you want to view the results (but even so, it's not essential - you could make do with just grep if you were really stuck). -JS
From fc.net!owner-bugtraq Sat Apr 08 17:39:25 1995 remote from oea
Received: from hacktic by oea.xs4all.nl (UUPC/extended 1.12n) with UUCP for root; Sat, 08 Apr 1995 17:39:24 +0100 Received: from sprawl.fc.net by xs1.xs4all.nl with SMTP id AA06764 (5.67b/IDA-1.5 for <root () oea hacktic nl>); Sat, 8 Apr 1995 01:26:11 +0200 Received: from freeside.fc.net (freeside.fc.net [198.6.198.2]) by sprawl.fc.net (8.6.10/8.6.10) with ESMTP id MAA01100 for <bugtraq-outgoing () sprawl fc net>; Fri, 7 Apr 1995 12:24:41 -0500 Received: (from majordom@localhost) by freeside.fc.net (8.6.8.1/8.6.6) id MAA27262 for bugtraq-outgoing; Fri, 7 Apr 1995 12:26:08 -0500 Received: from fiji.oc.nps.navy.mil (fiji.oc.nps.navy.mil [131.120.60.55]) by freeside.fc.net (8.6.10/8.6.6) with SMTP id MAA27250 for <bugtraq () fc net>; Fri, 7 Apr 1995 12:25:56 -0500 Received: by fiji.oc.nps.navy.mil (940406.SGI/931108.SGI.ANONFTP) for bugtraq () fc net id AA04175; Fri, 7 Apr 95 10:23:59 -0700 From: forsythe () fiji oc nps navy mil (Carl R. Forsythe) Message-Id: <9504071723.AA04175 () fiji oc nps navy mil> Subject: Re: Technical Observations on SATAN: Issue: VMS and TCP/IP To: bugtraq () fc net Date: Fri, 7 Apr 1995 10:23:58 -0700 (PDT) In-Reply-To: <Pine.3.88.9504061647.C17974-0100000 () wu1 wl aecl ca> from "Software Test Account" at Apr 6, 95 04:22:54 pm X-Mailer: ELM [version 2.4 PL23] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 1404 Sender: owner-bugtraq () fc net Precedence: bulk According to Software Test Account:
On Thu, 6 Apr 1995, Wietse Venema wrote:For some reason when I test SATAN against VMS systems running either UCX or Wollongong TCP/IP stacks the systems crash. This seems to be true for the heavy test only. Other potentially coincidental events include: 1. First test on a given node; when system reboots and a test is again performed a successful test seems to be made. 2. The first test uses the FQDN and the second test uses the IP address. I have no idea where to look? The crash logs do not reveal anything helpful. A message coming from SATAN says: bin/udp_scan: are we talking to a dead host or network? NOTE: The hosts were most certainly alive prior to the test.
We noticed the same thing with one of our VMS nodes that happened to have SATAN hit it in heavy mode. Since I am not the VMS admin I am not sure of all the details other than the fact that the machine rebooted when it was scanned with a heavy scan....I will forward for info as I find it..... -Carl -- ================================================================= Carl R. Forsythe System Administrator, Oceanography Department NPGS Monterey, CA. E-Mail: forsythe () oc nps navy mil PGP Version 2.6.2 key available on request =================================================================
From fc.net!owner-bugtraq Sat Apr 08 17:39:25 1995 remote from oea
Received: from hacktic by oea.xs4all.nl (UUPC/extended 1.12n) with UUCP for root; Sat, 08 Apr 1995 17:39:25 +0100 Received: from sprawl.fc.net by xs1.xs4all.nl with SMTP id AA09572 (5.67b/IDA-1.5 for <root () oea hacktic nl>); Sat, 8 Apr 1995 01:49:56 +0200 Received: from freeside.fc.net (freeside.fc.net [198.6.198.2]) by sprawl.fc.net (8.6.10/8.6.10) with ESMTP id LAA01077 for <bugtraq-outgoing () sprawl fc net>; Fri, 7 Apr 1995 11:58:09 -0500 Received: (from majordom@localhost) by freeside.fc.net (8.6.8.1/8.6.6) id LAA26837 for bugtraq-outgoing; Fri, 7 Apr 1995 11:59:35 -0500 Received: from merlin.eglin.af.mil ([129.61.1.150]) by freeside.fc.net (8.6.10/8.6.6) with ESMTP id LAA26826 for <bugtraq () fc net>; Fri, 7 Apr 1995 11:59:29 -0500 Received: (from sears@localhost) by merlin.eglin.af.mil (8.6.10/8.6.9) id LAA23435; Fri, 7 Apr 1995 11:57:49 -0500 Date: Fri, 7 Apr 1995 11:57:47 -0500 (CDT) From: "David R. Sears" <sears () eglin af mil> Subject: Problem with SATAN/VMS To: wietse () wzv win tue nl Cc: bugtraq () fc net Message-Id: <Pine.3.89.9504071117.E20707-0100000 () merlin eglin af mil> Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-bugtraq () fc net Precedence: bulk The bourne shell script 'rsh.satan' falsely reports a vulnerability on hosts that are running DEC VMS 6.1 This is because the OS sends the following message to standard output: UCX$RSHD - Permission denied - host IP addr To fix, just add a test for the above string to the 'if $TEST -s "$tmp_file"' test in 'rsh.satan'. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ David R. Sears sears () merlin eglin af mil 96 CCSG/SCTXL (904) 882-2678 Eglin AFB, FL 32542 DSN 872-2678 ... Any resemblance between the above views and those of my employer, my terminal, or the view out my window are purely coincidental. Any resemblance between the above and my own views is non-deterministic. The question of the existence of views in the absence of anyone to hold them is left as an exercise for the reader. The question of the existence of the reader is left as an exercise for the second god coefficient. (A discussion of non-orthogonal, non-integral polytheism is beyond the scope of this article.) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
From gorgan.mti.sgi.com!anoosh Sat Apr 08 17:39:27 1995 remote from oea
Received: from hacktic by oea.xs4all.nl (UUPC/extended 1.12n) with UUCP for ahmed; Sat, 08 Apr 1995 17:39:27 +0100 Received: from hardy.u.washington.edu by xs1.xs4all.nl with SMTP id AA22622 (5.67b/IDA-1.5 for <ahmed () oea xs4all nl>); Sat, 8 Apr 1995 03:54:12 +0200 Received: from prism.poly.edu by hardy.u.washington.edu (5.65+UW95.02/UW-NDC Revision: 2.32 ) id AA12081; Fri, 7 Apr 95 18:47:27 -0700 Received: from rama.poly.edu by prism.poly.edu (5.64/1.34-032891-Polytechnic University) id AA24147; Fri, 7 Apr 95 21:31:37 -0400 Received: from sgi.sgi.com (SGI.COM) by rama.poly.edu.photon (4.1/SMI-4.1) id AA22154; Fri, 7 Apr 95 21:47:28 EDT Received: from sgihub.corp.sgi.com by sgi.sgi.com via ESMTP (950405.SGI.8.6.12/910110.SGI) id SAA08919; Fri, 7 Apr 1995 18:47:05 -0700 Received: from mti.mti.sgi.com by sgihub.corp.sgi.com via SMTP (940519.SGI.8.6.9/911001.SGI) id SAA08466; Fri, 7 Apr 1995 18:46:51 -0700 Received: from gorgan.mti.sgi.com by mti.mti.sgi.com via SMTP (931110.SGI/911001.SGI) for @sgi.com:heer () u washington edu id AA04322; Fri, 7 Apr 95 18:46:38 -0700 Received: by gorgan.mti.sgi.com (940816.SGI.8.6.9/911001.SGI) id SAA21019; Fri, 7 Apr 1995 18:48:48 -0700 From: "Anoosh Hosseini" <anoosh () gorgan mti sgi com> Message-Id: <9504071848.ZM21017 () gorgan mti sgi com> Date: Fri, 7 Apr 1995 18:48:47 -0700 In-Reply-To: Nicholas Heer <heer () u washington edu> "ISO8859-6 -> ISIRI-3342 (fwd)" (Apr 7, 3:56pm) References: <Pine.OSF.3.91a.950407154703.13105B-100000 () saul3 u washington edu> X-Mailer: Z-Mail (3.2.0 26oct94 MediaMail) To: Nicholas Heer <heer () u washington edu> Subject: Re: ISO8859-6 -> ISIRI-3342 (fwd) Cc: reader <reader () rama poly edu>, ITISALAT <ITISALAT () GUVM CCF GEORGETOWN EDU> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii On Apr 7, 3:56pm, Nicholas Heer wrote:
Subject: ISO8859-6 -> ISIRI-3342 (fwd) Anoosh, Where can I get a copy of the ISIRI-3342 code page? I've already looked at tehran.stanford.edu. Has this code page supplanted the iscii code page? Is there a Persianization program that could load this code page into my computer in the same way Arabic DOS and Sakhr can load Arabic code pages? I don't want a word processor just a code page with screen fonts that I could use with an editor or use to read Persian texts on line. Nicholas
I would be glad to Mail anyone the English spec. Yes ISIRI-3342 has replaced ISCII. As to whether everyone over there uses ISIRI-3342, that is an another story. The producers of Persian DOS and Sakr equivalents use their own encoding which only they support. In fact there are about as many encoding as there are major Persian software companies. In a few weeks I will have a Windows viewer for ISIRI-3342 since I assume you wanted a PC solution. regards -anoosh
From fc.net!owner-bugtraq Sun Apr 09 00:40:17 1995 remote from oea
Received: from hacktic by xs4all.nl (UUPC/extended 1.12n) with UUCP for root; Sun, 09 Apr 1995 00:40:17 +0100 Received: from sprawl.fc.net by xs1.xs4all.nl with SMTP id AA27943 (5.67b/IDA-1.5 for <root () oea hacktic nl>); Sat, 8 Apr 1995 04:56:34 +0200 Received: from freeside.fc.net (freeside.fc.net [198.6.198.2]) by sprawl.fc.net (8.6.10/8.6.10) with ESMTP id QAA01540 for <bugtraq-outgoing () sprawl fc net>; Fri, 7 Apr 1995 16:52:31 -0500 Received: (from majordom@localhost) by freeside.fc.net (8.6.8.1/8.6.6) id QAA02953 for bugtraq-outgoing; Fri, 7 Apr 1995 16:54:02 -0500 Received: from mail.Germany.EU.net (mail.Germany.EU.net [192.76.144.65]) by freeside.fc.net (8.6.10/8.6.6) with ESMTP id QAA02942 for <bugtraq () fc net>; Fri, 7 Apr 1995 16:53:55 -0500 Received: by mail.Germany.EU.net with SMTP (8.6.5:29/EUnetD-2.5.1.d) via EUnet id XAA12998; Fri, 7 Apr 1995 23:53:47 +0200 Received: from barolo.ak.munich.ibm.com by prosecco.munich.ibm.de (4.03afxG1.2) id AA06553; Fri, 7 Apr 1995 23:48:05 +0200 Received: by barolo (AIX 3.2/UCB 5.64/afx1.8) id AA21930; Fri, 7 Apr 1995 23:50:56 +0200 From: afx () ibm de (Andreas Siegert) Message-Id: <9504072150.AA21930@barolo> Subject: Re: Problem with SATAN/VMS To: sears () eglin af mil (David R. Sears) Date: Fri, 7 Apr 1995 23:50:55 +0200 (CEST) Cc: wietse () wzv win tue nl, bugtraq () fc net In-Reply-To: <Pine.3.89.9504071117.E20707-0100000 () merlin eglin af mil> from "David R. Sears" at Apr 7, 95 11:57:47 am X-Organisation: EMEA AIX Security CoC / AIX ATG IBM Germany X-Address: Anzinger Strasse 29, 81617 Muenchen, Germany X-Phone: +49-89-4504-4509 (internal 945-4509), Fax -4233 X-Mailer: ELM [version 2.4 PL23] Content-Type: text Content-Length: 701 Sender: owner-bugtraq () fc net Precedence: bulk SATAN on AIX has a similar problem. AIX emits a permission denied that the simple test (test -s) doesn't catch
The bourne shell script 'rsh.satan' falsely reports a vulnerability on hosts that are running DEC VMS 6.1 This is because the OS sends the following message to standard output: UCX$RSHD - Permission denied - host IP addr To fix, just add a test for the above string to the 'if $TEST -s "$tmp_file"' test in 'rsh.satan'.
-- Andreas Siegert afx () ibm de / afx () barolo ak munich ibm com / AFX at IPNET Every time we've moved ahead in IBM, it was because someone was willing to take a chance, put his head on the block, and try something new - Thomas Watson, Jr.
From fc.net!owner-bugtraq Sun Apr 09 00:40:19 1995 remote from oea
Received: from hacktic by xs4all.nl (UUPC/extended 1.12n) with UUCP for root; Sun, 09 Apr 1995 00:40:19 +0100 Received: from sprawl.fc.net by xs1.xs4all.nl with SMTP id AA17616 (5.67b/IDA-1.5 for <root () oea hacktic nl>); Sat, 8 Apr 1995 08:55:38 +0200 Received: from freeside.fc.net (freeside.fc.net [198.6.198.2]) by sprawl.fc.net (8.6.10/8.6.10) with ESMTP id UAA01773 for <bugtraq-outgoing () sprawl fc net>; Fri, 7 Apr 1995 20:16:23 -0500 Received: (from majordom@localhost) by freeside.fc.net (8.6.8.1/8.6.6) id UAA07065 for bugtraq-outgoing; Fri, 7 Apr 1995 20:17:53 -0500 Received: from dc.anjura.com (cbaltzer.ott.hookup.net [165.154.16.24]) by freeside.fc.net (8.6.10/8.6.6) with ESMTP id UAA07053 for <bugtraq () fc net>; Fri, 7 Apr 1995 20:17:44 -0500 Received: from Microsoft Mail (PU Serial #1043) by dc.anjura.com (PostalUnion/SMTP(tm) v2.1.5c for Windows NT(tm)) id AA-1995Apr07.211200.1043.14638; Fri, 07 Apr 1995 21:16:26 -0600 From: cbaltzer () anjura com (Baltzer, Craig) To: bugtraq () fc net (bugtraq) Message-Id: <1995Apr07.211200.1043.14638 () dc anjura com> X-Mailer: Microsoft Mail via PostalUnion/SMTP for Windows NT Mime-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Organization: Anjura Technology Corporation, Ottawa, Ontario Date: Fri, 07 Apr 1995 21:16:26 -0600 Subject: All.Net's security testing service Sender: owner-bugtraq () fc net Precedence: bulk Anyone tried running this against a non-UNIX box?? I ran it against one of our NT boxes. It generated an email message over 30MB (prob. more, but I killed it at 30MB) as a report... Craig ======================================================= Craig Baltzer EMail: cbaltzer () anjura com Anjura Technology Corp Phone: (613) 727-1411 Ottawa, Ontario (Canada) FAX : (613) 727-1412 =======================================================
From vger.rutgers.edu!owner-linux-ibcs2 Sun Apr 09 00:40:20 1995 remote from oea
Received: from hacktic by xs4all.nl (UUPC/extended 1.12n) with UUCP for ibcs2; Sun, 09 Apr 1995 00:40:19 +0100 Received: from vger.rutgers.edu by xs1.xs4all.nl with SMTP id AA28919 (5.67b/IDA-1.5 for <ibcs2 () oea xs4all nl>); Sat, 8 Apr 1995 10:49:28 +0200 Received: (from daemon@localhost) by vger.rutgers.edu (8.6.10/8.6.10) id EAA12914 for linux-ibcs2-outgoing; Sat, 8 Apr 1995 04:19:10 -0400 Message-Id: <199504080715.QAA04724 () mustang sdc com au> From: "Stephen Davies" <scldad () sdc com au> Subject: Getting closer (?) To: linux-ibcs2 () vger rutgers edu Date: Sat, 8 Apr 95 16:45:37 +0930 Encoding: 53 TEXT , 4 TEXT Sender: owner-linux-ibcs2 () vger rutgers edu Precedence: bulk I have built ibcs-pre1.2-950308.tar.gz and successfuly run the SVR4 program that installs my package. I cannot, however, get the package itself to run. This may be insufficient memory but hopefully the attached trace will pin down the cause. In case it helps, the code was built on Dell UNIX System V.4 - x32. Thanks, Stephen <6>iBCS: devtrace registered on character major 31 <7>iBCS: trace code set to 0xffffeff <7>[194]4692 trace returns 268435199 {273} <7>COFF: exec /d2/mstat <7>COFF: bad filehdr magic <7>COFF: binfmt_coff: result = -8 <7>XOUT: binfmt_xout entry: /d2/mstat <7>XOUT: bad magic 0a3a <7>[195]4694 open("/dev/zero", 00, 01166740) <7>[195]4694 open returns 3 {1342297932} <7>[196]4694 mmap(0x0, 0x1000, 0x3, 0x2, 3, 0x0) <7>[196]4694 mmap returns 1342320640 {0} <7>[197]4694 close(3) <7>[197]4694 close returns 0 {3} <7>[198]4694 mprotect(0x50000000, 116540, 0x7) <7>[198]4694 mprotect returns 0 {576} <7>[199]4694 mprotect(0x8048000, 75073, 0x7) <7>[199]4694 mprotect returns 0 {75073} <7>[200]4694 getuid() <7>[200]4694 getuid returns 200 {200} <7>[201]4694 getgid() <7>[201]4694 getgid returns 200 {200} <7>[202]4694 open("/d2/lib/libcrlib.so", 00, 012000352010) <7>[202]4694 open returns 3 {1342321091} <7>[203]4694 open("/dev/zero", 00, 012000352010) <7>[203]4694 open returns 4 {1342321091} <7>[204]4694 read(3, 0xbfffe794, 4096) <7>[204]4694 read returns 4096 {1342321091} <7>[205]4694 mmap(0x0, 0xb2ba4, 0x7, 0x2, 3, 0x0) <7>[205]4694 mmap returns 1342324736 {0} <7>[206]4694 mmap(0x500d7000, 0x6c54, 0x7, 0x12, 3, 0xb2000) <7>[206]4694 mmap returns 1343057920 {1343057920} <7>[207]4694 mmap(0x500de000, 0xa100, 0x7, 0x12, 4, 0x0) <7>[207]4694 mmap returns 1343086592 {41216} <7>[208]4694 close(4) <7>[208]4694 close returns 0 {41216} <7>[209]4694 close(3) <7>[209]4694 close returns 0 {41216} <7>[210]4695 trace(-1) <7>[210]4695 trace returns 268435199 {1652} <7>[211]4695 trace(0) <7>iBCS: trace code set to 0x0 ======================================================================== Stephen Davies Consulting scldad () sdc com au Adelaide, South Australia. Voice: 61-8-2728863 Computing & Network solutions. Fax : 61-8-2741015
From fc.net!owner-bugtraq Sun Apr 09 00:40:20 1995 remote from oea
Received: from hacktic by xs4all.nl (UUPC/extended 1.12n) with UUCP for root; Sun, 09 Apr 1995 00:40:20 +0100 Received: from sprawl.fc.net by xs1.xs4all.nl with SMTP id AA00785 (5.67b/IDA-1.5 for <root () oea hacktic nl>); Sat, 8 Apr 1995 12:36:27 +0200 Received: from freeside.fc.net (freeside.fc.net [198.6.198.2]) by sprawl.fc.net (8.6.10/8.6.10) with ESMTP id XAA01833 for <bugtraq-outgoing () sprawl fc net>; Fri, 7 Apr 1995 23:33:56 -0500 Received: (from majordom@localhost) by freeside.fc.net (8.6.8.1/8.6.6) id XAA11466 for bugtraq-outgoing; Fri, 7 Apr 1995 23:35:28 -0500 Received: from durian.usc.edu.ph (durian.usc.edu.ph [165.220.28.253]) by freeside.fc.net (8.6.10/8.6.6) with SMTP id XAA11453 for <bugtraq () fc net>; Fri, 7 Apr 1995 23:35:18 -0500 Received: by durian.usc.edu.ph; id AA08749; Sat, 8 Apr 1995 12:33:07 +0800 Date: Sat, 8 Apr 1995 12:33:07 +0800 (HKT) From: "Cenon B.C. Marana Jr." <bonn () durian usc edu ph> To: lenex <lenex () psyber com> Cc: bugtraq () fc net Subject: Re: Shadowed PW file under Linux In-Reply-To: <199504070543.WAA11406 () jasmine psyber com> Message-Id: <Pine.OSF.3.91.950408123103.6486B-100000 () durian usc edu ph> Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-bugtraq () fc net Precedence: bulk On Thu, 6 Apr 1995, lenex wrote: Hello All!
Could someone reccomend a good tool for shaddowing the PW file under Linux? This will be my first time setting one up so If you have a Howto that would also be much appreciated.
Me too.. how about for OSF/1? or is there a good/recommended tool for such? Many thanks. Bonn :)
From fc.net!owner-bugtraq Sun Apr 09 00:40:21 1995 remote from oea
Received: from hacktic by xs4all.nl (UUPC/extended 1.12n) with UUCP for root; Sun, 09 Apr 1995 00:40:21 +0100 Received: from sprawl.fc.net by xs1.xs4all.nl with SMTP id AA26482 (5.67b/IDA-1.5 for <root () oea hacktic nl>); Sat, 8 Apr 1995 16:55:19 +0200 Received: from freeside.fc.net (freeside.fc.net [198.6.198.2]) by sprawl.fc.net (8.6.10/8.6.10) with ESMTP id EAA02175 for <bugtraq-outgoing () sprawl fc net>; Sat, 8 Apr 1995 04:34:50 -0500 Received: (from majordom@localhost) by freeside.fc.net (8.6.8.1/8.6.6) id EAA15317 for bugtraq-outgoing; Sat, 8 Apr 1995 04:36:23 -0500 Received: from crimelab.crimelab.com (crimelab.com [198.64.127.1]) by freeside.fc.net (8.6.10/8.6.6) with ESMTP id EAA15306 for <bugtraq () fc net>; Sat, 8 Apr 1995 04:36:14 -0500 Received: from canik.bcc.bilkent.edu.tr (canik.bcc.bilkent.edu.tr [139.179.10.17]) by crimelab.crimelab.com (8.6.10/8.6.10) with SMTP id DAA09970 for <bugtraq () crimelab com>; Sat, 8 Apr 1995 03:34:00 -0600 Received: from biber.bcc.bilkent.edu.tr by bilkent.edu.tr (5.65c/IDA-1.4) id AA14740; Sat, 8 Apr 1995 12:32:28 +0400 Received: by biber.bcc.bilkent.edu.tr (5.65c/1.4IDA) id AA21470; Sat, 8 Apr 1995 12:32:24 +0400 From: pevrul () bilkent edu tr (Pevrul Sahin) Message-Id: <199504080832.AA21470 () biber bcc bilkent edu tr> Subject: sub To: bugtraq () crimelab com Date: Sat, 8 Apr 1995 12:32:23 +0400 (EET DST) X-Mailer: ELM [version 2.4 PL24] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 353 Sender: owner-bugtraq () fc net Precedence: bulk Please put me on the BUGTRAQ mailing list Thank you -- _ P E V R U L Bilkent University Bilkent Computer Center pevrul () bilkent edu tr
From eesun2.tamu.edu!iskandar Sun Apr 09 00:40:24 1995 remote from oea
Received: from hacktic by xs4all.nl (UUPC/extended 1.12n) with UUCP for ahmed; Sun, 09 Apr 1995 00:40:24 +0100 Received: from hardy.u.washington.edu by xs1.xs4all.nl with SMTP id AA10488 (5.67b/IDA-1.5 for <ahmed () oea xs4all nl>); Sat, 8 Apr 1995 19:15:15 +0200 Received: from prism.poly.edu by hardy.u.washington.edu (5.65+UW95.02/UW-NDC Revision: 2.32 ) id AA14219; Sat, 8 Apr 95 09:59:15 -0700 Received: from rama.poly.edu by prism.poly.edu (5.64/1.34-032891-Polytechnic University) id AA12286; Sat, 8 Apr 95 12:43:26 -0400 Received: from eesun2.tamu.edu by rama.poly.edu.photon (4.1/SMI-4.1) id AA23033; Sat, 8 Apr 95 12:59:18 EDT Received: (from iskandar@localhost) by eesun2.tamu.edu (8.6.9/8.6.9) id LAA05744; Sat, 8 Apr 1995 11:59:07 -0500 Date: Sat, 8 Apr 1995 11:59:07 -0500 (CDT) From: Alexandre Khalil <iskandar () eesun1 tamu edu> X-Sender: iskandar () eesun2 tamu edu To: Arabic script mailing list <reader () rama poly edu> Cc: NCC%SAKACS00 () GUVM CCF GEORGETOWN EDU Subject: Forwarded mail.... (fwd) Message-Id: <Pine.SOL.3.90.950408115755.5247F-100000 () eesun2 tamu edu> Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII ---------- Forwarded message ---------- Date: Sat, 8 Apr 1995 09:50:05 -0400 From:NCC.at.SAKACS00 () GUVM CCF GEORGETOWN EDU To: ITISALAT () GUVM CCF GEORGETOWN EDU, at () GUVM CCF GEORGETOWN EDU, GUVM () GUVM CCF GEORGETOWN EDU Subject: Infabs product surveys and documents work in the area of informaticse in the region (Saudi and Gulf area). First version cited all papers published through the National Computer Conferences (14 conferences till now) wich is about 600 papers in both Arabic and English. Each entry in this work shows full bibliographic information including title, subject, author(s), abstract and list of descriptives. For more info please contact: Chip Computer Services P. O. Box 51176, Riyadh 11543 Saudi Arabia Tel: (011966 1) 465-5353 Fax: (011966 1) 464-1442
From fc.net!owner-bugtraq Mon Apr 10 03:07:38 1995 remote from oea
Received: from hacktic by xs4all.nl (UUPC/extended 1.12n) with UUCP for root; Mon, 10 Apr 1995 03:07:38 +0100 Received: from sprawl.fc.net by xs1.xs4all.nl with SMTP id AA13686 (5.67b/IDA-1.5 for <root () oea hacktic nl>); Mon, 10 Apr 1995 01:07:04 +0200 Received: from freeside.fc.net (freeside.fc.net [198.6.198.2]) by sprawl.fc.net (8.6.10/8.6.10) with ESMTP id LAA03380 for <bugtraq-outgoing () sprawl fc net>; Sun, 9 Apr 1995 11:26:08 -0500 Received: (from majordom@localhost) by freeside.fc.net (8.6.8.1/8.6.6) id LAA00346 for bugtraq-outgoing; Sun, 9 Apr 1995 11:27:50 -0500 Received: from trance.helix.net (trance.helix.net [204.244.2.2]) by freeside.fc.net (8.6.10/8.6.6) with ESMTP id LAA00335 for <bugtraq () fc net>; Sun, 9 Apr 1995 11:27:42 -0500 Received: from trance.helix.net (chowes () trance helix net [204.244.2.2]) by trance.helix.net (8.6.12/8.6.9) with ESMTP id EAA03082; Sun, 9 Apr 1995 04:07:05 -0700 Date: Sun, 9 Apr 1995 04:07:05 -0700 (PDT) From: Charles Howes <chowes () helix net> To: Michael Shields <shields () tembel org> Cc: bugtraq () fc net Subject: Re: All.Net's security testing service In-Reply-To: <m0rxeue-000DJtC () yage tembel org> Message-Id: <Pine.SUN.3.91.950409040549.2747D-100000 () trance helix net> Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-bugtraq () fc net Precedence: bulk On Sat, 8 Apr 1995, Michael Shields wrote:
You're allowed to run it only once, since crackers have been abusing it.If you run it, it reports some holes, and you make some changes that should fix them, shouldn't you be able to run it again to make sure your system is now clean?
Well, it is a tradeoff. -- Charles Howes -- chowes () helix net Always tell the truth, then you make it the other bloke's problem! - Sean Connery, 1971
Current thread:
- chroot'ed environment? Marc Samama (Apr 18)
- <Possible follow-ups>
- Re: chroot'ed environment? smb () research att com (Apr 19)
- Re: chroot'ed environment? der Mouse (Apr 19)
- Re: chroot'ed environment? Valdis.Kletnieks () vt edu (Apr 20)
- Re: chroot'ed environment? oea!owner-bugtraq () oea xs4all nl (Apr 19)
- Re: chroot'ed environment? don () paranoia com (Apr 20)