LIST SECURITY - what's going on here?

["Jon O." <jono () networkcommand com>]

On 28-Feb-2006, Fergie wrote:
> This might not be news to some of you, but I unsubscribed to
> FD several months ago due to the SN ratio. :-)

Yeah, too bad Gadi kicked Lance from this 'open' list so now we
have to use FD to discuss it or get other details ;(. It's unforunate
the list isn't as open as the machine hosting it (and the other
"high security" lists like DA, MWP, TH-R):

[someone sent this over, found it interesting -- is that
the default set of open ports on a linux install?]

Interesting ports on linuxbox.org (24.155.83.21):
(The 1646 ports scanned but not shown below are in state: closed)
PORT    STATE SERVICE
9/tcp   open  discard
13/tcp  open  daytime
21/tcp  open  ftp
22/tcp  open  ssh
25/tcp  open  smtp
37/tcp  open  time
53/tcp  open  domain
80/tcp  open  http
110/tcp open  pop3
111/tcp open  rpcbind
113/tcp open  auth
143/tcp open  imap
199/tcp open  smux
443/tcp open  https
587/tcp open  submission
617/tcp open  sco-dtmgr
993/tcp open  imaps
MAC Address: 00:E0:80:4C:8F:00 (Control Resources)

NO HONETPOTS ON LISTSERVS, mailman is enough if a honetpot itself ;)!!

I would be posting more on those other lists, but things
like the example above freak me out when we are handling
sensitive info. Does anyone actually know Sean Schneyer
(tech contact for linuxbox.org)? Can anyone vouch for him?
I assume Gadi knows him, but I never asked. Is the linuxbox.org
machine admin'd by Sean or Gadi? Can someone clarify -- there
were quite a few posts when these lists were started about
the list security, talk of PGP list signing, etc. but it
seems to have been missed in inetd...


BTW, this is truly funny:
http://ip.securescience.net/exploits/P1010029.JPG




_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.