Bugtraq mailing list archives
Re: Stupid crackers exploiting stupid users
From: chowes () helix net (Charles Howes)
Date: Sun, 23 Oct 1994 19:24:48 -0700 (PDT)
On Sun, 23 Oct 1994, der Mouse wrote: <message clipped>
This appears to be a forged attempt to mailbomb someone else. If you read the headers carefully, you'll see that SFU appears in only the From: header - the letter comes from helix.net and has a helix.net Message-ID. And when I looked at vanepp () sfu ca....
Yes, vanepp () sfu ca is the guy in charge of security at SFU.
Computing Services? "staff"? A staff person at SFU surely knows better than to send out this piece of stupidity, especially since "expn root" informs me that vanepp is one of nine people who get root's mail.
Yes, he knows better.
So I think someone on helix.net originated this, probably the person responsible for the first piece of stupidity. What vanepp has to do with it I have trouble imagining; I would suspect that sfu.ca had been cracked and vanepp's .forward file replaced to point to the real culprit, but EXPN and VRFY on whistler's SMTP server don't give me that impression.
The account was one of Helix's. It was cracked.
I suppose it's _possible_ that Peter Van Epp _is_ the person responsible and that the mail was forged from his account on helix.net, but that seems extremely unlikely.
Exactly. He is not the responsible one.
I'm sending a copy to root () sfu ca so that (a) vanepp probably gets it, and (b) if vanepp's mail is being stolen somehow that I can't see through VRFY and EXPN, the other roots there can deal with it.
The cracker just wants to mailbomb vanepp. He's done it before, he'll do it again. Just not from *my* site, if I have anything to say about it. Does ANYBODY have any code that will limit the number of messages a single user can send per day?? Or any other code to detect mail bombs? Sending 5 identical messages to different addresses? (Or the same address, for that matter..) -- Charles Howes -- chowes () helix net Always tell the truth, then you make it the other bloke's problem! - Sean Connery, 1971
Current thread:
- Another request for passwords Douglas R. Floyd (Oct 22)
- Re: Another request for passwords Charles Howes (Oct 23)
- Re: Another request for passwords That Whispering Wolf... (Oct 23)
- Re: Another request for passwords Charles Howes (Oct 23)
- Re: Another request for passwords christopher williams (Oct 24)
- Re: Another request for passwords Brett Watson (Oct 25)
- Re: Another request for passwords Charles Howes (Oct 23)
- Stupid crackers exploiting stupid users der Mouse (Oct 23)
- Re: Stupid crackers exploiting stupid users Peter Van Epp (Oct 23)
- Re: Stupid crackers exploiting stupid users Charles Howes (Oct 23)
- Re: Stupid crackers exploiting stupid users pluvius (Oct 25)
- Re: Stupid crackers exploiting stupid users Charles Howes (Oct 26)
- Sun Mouse Bug David J. Bianco (Oct 26)
- Network Volumetric Analysis (NVA) software Frank R. Swift (Oct 26)
- Re: Another request for passwords christopher williams (Oct 23)
- Re: Another request for passwords Doug McLaren (Oct 24)
- Re: Another request for passwords Charles Howes (Oct 27)
- Re: Another request for passwords Charles Howes (Oct 23)