Chronology Current Month Current Thread Current Date
[Year List] [Month List (current year)] [Date Index] [Thread Index] [Thread Prev] [Thread Next] [Date Prev] [Date Next]

Security and protocol: was( HTML Mail for PHYS-L: Pros/Cons)



On Wed, 11 Oct 2000, Derek Chirnside wrote:
<snip>
Who is interested in hacking into a bunch of
physics teachers anyway? Probably not high, and not many peiople
interested - but I now feel some caution.
In addition to teaching physics full time, I am the tech support person
for our school. We have 6 servers here running various flavors of
Unix/Linux and about 200 workstations (wintel & mac). We average about 10
crack attempts per month. Most of them are script kiddies looking for a
scalp. Others want a place to store warez or porn (see JPL incident).
Many want to use your system to launch attacks on other, more interesting
systems.
Last year on December 24th one of our Linux workstations (one used by
studentsfor special projects) was cracked via a hole in the wustlftp module.
They used our system to launch denial of service attacks on various
institutions and as a staging ground for attacks on other servers. They
uploaded warez and child porn and turned on anonymous ftp. Working
with some people from Carnegie Mellon we were able to reconstruct the
original attack and our logs indicated what other attacks they launched
from our computer. We were lucky in that I was able to pull the plug on
the network connection to this system before they were able to clean up
the various logfiles.
So, although our systems may not contain sensitive or profitable
information to a potential attacker, they are still inviting targets.

Question:
Is there a preferred protocol for quoting others when responding to a
post? Some have expressed a desire to have the entire original post and
reply in one message, others desire just the response and still others
extract part of the message and reply to that part.





Bruce Esser
Physics Teacher Something witty
Marian High School Should go here
http://marian.creighton.edu