Bugtraq mailing list archives
Poorly setup news servers
From: alan () manawatu gen nz (Alan Brown)
Date: Sun, 13 Oct 1996 06:33:23 +1300
A few days ago I sent out a malformed checkgroups message to try and get a regional hierarchy (manawatu.*) off servers it shouldn't be on. It appears that a hell of a lot of people have checkgroups on autopilot and that the message resulted in quite a few broken news servers around the world. Hopefully the lesson has been driven home to the admins concerned that they shouldn't be blindly accepting and acting on checkgroups from j.random.netID, but the usual reaction has been hatemail.

If you admin a news machine, please pull that hierarchy. We're sick to the back teeth of being spammed and I'm now autocancelling anything xposted to our hierarchy which comes from outside the area and doesn't reference a local message-ID (to cater for the few times when a local user crossposts widely).

Additionally, if you admin a machine, make sure that unless you know who a checkgroups comes from, it isn't automatically actioned. On news sites I admin, even when I do know who they come from, the final step of the checkgroups procedure - actual group creation/deletion is always passed thru the news admin as a mailed sh script. It's all too easy to forge a message from tale nuking most of the big-8 for instance.

After all the effort that's gone into dealing with security and stability issues with both packages, I'm surprised this buglet has passed unnoticed.

One positive result of this little adventure is that INN and Cnews should both end up with documented ways of adding checkgroups commentary - adding leading whitespace on the comment lines - something widespread in checkgroups messages and easy once you see how it's done without breaking things, but not immediately obvious.

AB
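The handling recommended in the message above, as an added example (not code from the post, INN or C News): a checkgroups from an unknown sender is ignored, a malformed one is rejected whole, and an accepted one only yields a shell script for the news admin to read. The `example.*` hierarchy, the addresses, the group-name pattern and the function names are assumptions of this sketch.

```python
import re
import shlex

# Conservative newsgroup-name pattern (an assumption of this example).
GROUP_RE = re.compile(r"^[a-z0-9][a-z0-9+_-]*(\.[a-z0-9][a-z0-9+_-]*)+$")

def parse_checkgroups(body, hierarchy):
    """Return the set of groups listed; raise ValueError on any malformed line."""
    groups = set()
    for n, line in enumerate(body.splitlines(), 1):
        if not line.strip() or line[0] in " \t":
            continue  # blank, or commentary marked by leading whitespace
        name = line.split(None, 1)[0]
        if not GROUP_RE.match(name) or not name.startswith(hierarchy + "."):
            raise ValueError(f"line {n}: unexpected entry {name!r}")
        groups.add(name)
    return groups

def propose_changes(sender, body, hierarchy, active, trusted):
    """Build a shell script for the news admin to review; nothing is executed here."""
    if sender.lower() not in trusted:
        return None  # unknown sender: take no action at all
    listed = parse_checkgroups(body, hierarchy)  # fails closed on malformed input
    local = {g for g in active if g.startswith(hierarchy + ".")}
    lines = ["#!/bin/sh",
             f"# checkgroups for {hierarchy}.* claiming to be from {sender}",
             "# The From header can be forged: verify before running any line."]
    lines += [f"ctlinnd newgroup {shlex.quote(g)}" for g in sorted(listed - local)]
    lines += [f"ctlinnd rmgroup {shlex.quote(g)}" for g in sorted(local - listed)]
    return "\n".join(lines) + "\n"

# Constructed sample input, not taken from any real server or message.
SAMPLE = (" Commentary line: leading whitespace, so it is skipped\n"
          "example.general\tGeneral discussion\n"
          "example.forsale\tItems for sale\n")
ACTIVE = {"example.general", "example.old", "comp.misc"}
TRUSTED = {"newsadmin@example.invalid"}

if __name__ == "__main__":
    print(propose_changes("newsadmin@example.invalid", SAMPLE, "example", ACTIVE, TRUSTED))
```

The sender allowlist only decides whether a proposal is drafted; because the header it checks is forgeable, the script is mailed for review and never run automatically.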