nanog mailing list archives
Re: Rootshell pages hacked
From: John Hawkinson <jhawk () bbnplanet com>
Date: Mon, 2 Nov 1998 10:19:30 -0500 (EST)
This thread has the typical "useless thread on NANOG" problem. It attepts to be tangentially relevent but really it just is not. Certainly, the initial thought -- to communicate that www.rootshell.com was compromised -- was not relevent to north american network operators. Next, a discussion of what it means to be secure, and of course this wasn't relevent for NANOG either, but some well-meaning competant individuals got roped in, presumably in the hope that the discussion would terminate. After all, a little bit of off-topic discussion is fine and useful -- if we tried to find the right mailing list for absolutely *everything*, no one would ever get anything done. But we went long past that point. Discussion of compromises in application programs (ssh), even ones widely used in the network community, is not very appropriate for NANOG either. We could discuss compromises every time Sun released a security patch, or every time rootshell.com posted an exploit -- we'd have more traffic than bugtraq (not hard, it's a moderated list...)! The latest stuff about ftping through SSH tunnels just kicks the bucket even further, beneath the lower standard of conduct to which some of us hold NANOG (because the community seems to be comprised of a more-childish and less-responsible set of individuals than most other communities, so it's foolhardy to try and hold it to high standards). Please try not to dignify any of the traffic in this thread with a reply. If you really feel that your commentary is useful and relevent, please direct it to the authors in private email. Similarly, if you feel a burning need to know the resolution of an issue raised by some individual, please send them private email and I'm sure they'll be happy to forward you the relevent discourse they've received, or direct you to a venue more suited for the discussion. I, for one, am disgusted, but you already knew that. --jhawk
Current thread:
- Re: Rootshell pages hacked Adam D. McKenna (Nov 01)
- Re: Rootshell pages hacked Paul Vixie (Nov 01)
- Re: Rootshell pages hacked Henry Linneweh (Nov 01)
- <Possible follow-ups>
- Re: Rootshell pages hacked Alex P. Rudnev (Nov 02)
- Re: Rootshell pages hacked Adam Rothschild (Nov 02)
- Re: Rootshell pages hacked John P. Reddy (Nov 02)
- Re: Rootshell pages hacked Mikael Abrahamsson (Nov 02)
- Re: Rootshell pages hacked Adam Rothschild (Nov 02)
- Re: Rootshell pages hacked Paul Vixie (Nov 01)
- Re: Rootshell pages hacked John Hawkinson (Nov 02)
- Re: Rootshell pages hacked Adam D. McKenna (Nov 02)
- Re: Rootshell pages hacked themonk (Nov 02)
- Re: Rootshell pages hacked Ryan Pavely (Nov 02)
- Re: Rootshell pages hacked alex (Nov 02)
- Re: Rootshell pages hacked Alex P. Rudnev (Nov 05)
- Re: Rootshell pages hacked Michael Freeman (Nov 05)
- old s/key patch for SSH (was Re: Rootshell pages hacked) John Hensley (Nov 05)
- Re: Rootshell pages hacked Alex P. Rudnev (Nov 05)
- Re: Rootshell pages hacked Adam Rothschild (Nov 05)
- Re: Rootshell pages hacked Michael Freeman (Nov 05)