
end of ilugc@aero - long mail



dear luggies,

this is likely to be the last posting on ilugc@aero; i am shutting down
the mailing list with immediate effect. perhaps, the following might
explain why i am doing this.

as you all know, this bill clinton stuff is at the bottom of the matter. 
you might recall that i posted to the list that i was taking some
unspecified action on the matter. of course, from other postings, we are
all aware that the mail came to ilugc via ho.hclcomnet.co.in; my
unspecified action was in the form of mail to sysadmins at hclcomnet. my
position at iitm allows me to exert some influence on hclcomnet. suffice
to say that the influence is in the form of orders worth tens of lakhs. i
informed two people on the ilugc mailing list that i had taken up the
matter with hclcomnet. prabhu ramachandran is one of the two. now, this
latest posting from billg indicates knowledge of my having taken up the
matter with hclcomnet. so, watson, either prabhu or this other person (who
will remain unidentified here) is our link to bill clinton/bill g/satan. i
don't believe prabhu will have anything to do with such abuse.  that leaves
us with a single link to bill/satan. however, that is not my concern. the
basic fact is that this abuse is being perpetrated by one of the list
members. perhaps, this person has visions of being a 'great' hacker and
believes to have found weaknesses in various mail systems. since it is
one of us doing this abuse, i am shutting down the mailing list. i do
not have to waste taxpayer funded bandwidth supporting such activity. i 
hope you all understand.

sriram

for the record, the aero mail server is not terribly insecure and was
upgraded to non-promiscuous relay level just a month or two ago. aero does
not check for a valid sender domain - since i believe that this is wasted
bandwidth. so what if the sender has a bogus domain? if the relay host has
proper logs, the actual sender can be traced from the system logs. to give
an example, if someone used a dial up ppp connection on vsnl (so the
assigned ip number is dynamic and not attached to any particular host),
this person can send mail through vsnl's smtp relay and spoof the sender
domain as xyz. if vsnl allows this (promiscuous relay), the weakness is in
the vsnl relay host. however, aero system logs will show exactly what the
relay host was and also have a message id. one then simply takes this
message id and scans vsnl's smtp relay machine logs for the same id; this
will yield the dynamic ppp ip. from the dial-up ras server logs and time
stamps, the ppp ip can be tracked back to an actual user-id. it may take
a while, but the process can be used almost without exception (assuming
helpful sys admins) to track back to a user id even through multiple hops.
disallowing promiscuous relay can help in cutting off this type of abuse.
not to say that aero is a very secure machine - it is not. but it is not
terrible either.
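
The trace-back described in the message above (destination log, then relay log by message id, then dial-up session log by ip and time stamp), as an added example that is not part of the original post. The log formats, host names, account names and addresses are constructed for illustration and are not real sendmail or RAS output.

```python
import re
from datetime import datetime

# Constructed sample logs in a simplified format (assumption, not real server output).
DEST_LOG = """\
1999-03-10T14:02:11 from=<billg@xyz> msgid=<AA01234@relay.example.net> relay=relay.example.net[192.0.2.25]
1999-03-10T14:05:40 from=<user@example.org> msgid=<BB777@mail.example.org> relay=mail.example.org[192.0.2.80]
"""
RELAY_LOG = """\
1999-03-10T14:01:58 from=<billg@xyz> msgid=<AA01234@relay.example.net> relay=ppp17.example.net[198.51.100.17]
"""
# The same dynamic ip is handed to different accounts during the day.
RAS_LOG = """\
user=u1042 ip=198.51.100.17 start=1999-03-10T09:00:00 end=1999-03-10T09:45:00
user=u2210 ip=198.51.100.17 start=1999-03-10T13:40:00 end=1999-03-10T14:20:00
user=u3301 ip=198.51.100.18 start=1999-03-10T13:00:00 end=1999-03-10T15:00:00
"""
MAIL_RE = re.compile(r"(?P<ts>\S+) from=<(?P<sender>[^>]*)> msgid=<(?P<msgid>[^>]+)> "
                     r"relay=(?P<host>[^\[]+)\[(?P<ip>[^\]]+)\]")
RAS_RE = re.compile(r"user=(?P<user>\S+) ip=(?P<ip>\S+) start=(?P<start>\S+) end=(?P<end>\S+)")

def find_hop(log, msgid):
    """Return (time, peer host, peer ip) of the log entry that accepted msgid, or None."""
    for line in log.splitlines():
        m = MAIL_RE.match(line)
        if m and m["msgid"] == msgid:
            return datetime.fromisoformat(m["ts"]), m["host"], m["ip"]
    return None

def session_owner(ras_log, ip, when):
    """Return the account that held ip at time `when`, or None if no session matches."""
    for line in ras_log.splitlines():
        m = RAS_RE.match(line)
        if (m and m["ip"] == ip and
                datetime.fromisoformat(m["start"]) <= when <= datetime.fromisoformat(m["end"])):
            return m["user"]
    return None

def trace(msgid):
    """Walk destination log -> relay log -> dial-up session log for one message id."""
    dest = find_hop(DEST_LOG, msgid)
    if dest is None:
        return None                      # message never reached this host
    hop = find_hop(RELAY_LOG, msgid)     # same id, searched in the relay's own log
    if hop is None:                      # relay kept no record: the trail stops here
        return {"relay": dest[1], "source_ip": None, "user": None}
    when, _, src_ip = hop
    return {"relay": dest[1], "source_ip": src_ip,
            "user": session_owner(RAS_LOG, src_ip, when)}
```

The time stamp matters because the ip alone matches two accounts here; only the session that was open when the relay accepted the message identifies the sender.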

