Bugtraq mailing list archives
Re: Network Security and Privacy
From: coldfire () CLOSED-NETWORKS COM (Cold Fire)
Date: Thu, 20 Apr 2000 12:58:57 +0100
On Wed, Apr 19, 2000 at 08:08:39AM -0400, JavaMan wrote:
This is not a new problem. This is a very old issue that has been ignored for too long. What is new, however, is the large number of users who are now on dialup access, and consequently, dialed into unsecured servers.
Much, if not all, the same information can be gained with the use of a much older tool, 'finger' finger -l @terminalserver.target.com There's much serious problems with having a guessable community name than leeking a few lusers account details. Solution: disable fingerd on your terminal servers Steve -- 'Cold Fire, Britains most notorious hacker' Observer, July 1997 'The most recent conviton was that of [Cold Fire] whose On-line escapades spanned from hacking into educational sites to more sinister activities such as tapping into industrial and United States military sites.' DC Paul Cox, SO6 Scotland Yard CCU
Current thread:
- Network Security and Privacy JavaMan (Apr 19)
- Re: Network Security and Privacy B Potter (Apr 19)
- Re: Network Security and Privacy Cold Fire (Apr 20)
- pop3 spoon spoon (Apr 20)
- Re: pop3 Christopher P. Lindsey (Apr 21)
- Re: pop3 Jason Godsey (Apr 22)
- unsafe fgets() in sendmail's mail.local 3APA3A (Apr 24)
- Re: unsafe fgets() in sendmail's mail.local Claus Assmann (Apr 25)
- Re: pop3 Kris Kennaway (Apr 27)
- pop3 spoon spoon (Apr 20)
- Re: Network Security and Privacy dynamo (Apr 20)