Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_4

Bugtraq archives for 4th quarter (Oct-Dec) 1998: Administrivia

Administrivia

Aleph One (aleph1DFW.NET)
Wed, 11 Nov 1998 11:42:06 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Wietse Venema: "Re: tcpd -DPARANOID doesn't work, and never did"
Previous message: Paul Murphy: "Re: [Fwd: NOTE: Solaris 7 gotcha for some ultras]"

I am killing the FoolProof thread. To many posts with to many ideas of how
to get past the thing. Maybe someone will write a comprehensive article on
the thing and be done with it.

I am killing the tcpd -DPARANOID thread. DJB, with his usual candor, is
correct in as much as the option does not stop the mentioned attack
against the r-services. Nonethless, the point is fairly moot as there
exist many other attacks against the same services.

Repeat after me, "IP address and host name based authentication without
cryptographic controls is bad".

In other news, BugTraq past is 26000 subscriber some time ago.

Aleph One / aleph1dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01

Next message: Wietse Venema: "Re: tcpd -DPARANOID doesn't work, and never did"
Previous message: Paul Murphy: "Re: [Fwd: NOTE: Solaris 7 gotcha for some ultras]"