|
|
| Author |
Message |
| 25 new of 222 responses total. |
jmsaul
|
|
response 164 of 222:
| 
Jun 10 04:13 UTC 2000 |
Re #160: Don't use the same password on more than one system.
|
void
|
|
response 165 of 222:
|
Jun 10 05:26 UTC 2000 |
re resp:163: well, yeah, but they're not supposed to be real
passwords.
|
mdw
|
|
response 166 of 222:
|
Jun 10 06:06 UTC 2000 |
Grex will accept all lower-case, if it's long enough. Generally
speaking, length is more important than the number of classes of
characters used for increasing the size of the key search space.
|
jor
|
|
response 167 of 222:
|
Jun 10 11:06 UTC 2000 |
Can't telnet in. Here via web.
Stuggling with the controls.
|
jor
|
|
response 168 of 222:
|
Jun 10 11:07 UTC 2000 |
Is this pistachio. Over.
|
scott
|
|
response 169 of 222:
|
Jun 10 12:51 UTC 2000 |
<chsssch> Roger we read you 5x5 <chsssch>
inetd had died. I restarted it.
|
aruba
|
|
response 170 of 222:
|
Jun 10 18:39 UTC 2000 |
Since the reboot the terminal server doesn't say "It may take a few moments
to connect". It does take a while, though, but it just sits there appearing
to have hung.
|
janc
|
|
response 171 of 222:
|
Jun 11 00:04 UTC 2000 |
The terminal server downloads its half it's brain from gryps when it powers
up. Gryps is gone, so the terminal server is running on half a brain. I
am pleased to believe that some of the other staff people are working on a
replacement for gryps.
|
wwallace
|
|
response 172 of 222:
|
Jun 12 05:12 UTC 2000 |
does anybody know how the recent hack on the system was done? what hole they
found? what process they used to exploit it?
|
mdw
|
|
response 173 of 222:
|
Jun 12 05:43 UTC 2000 |
We don't know the whole story, but we know enough to prevent a
repetition. Short version: a grex staffer had the same password on
grex/gryps, as well as at another well-respected "serious" site. The
local site got hacked, this staffer's password was stolen (probably
sniffed off the wire), and the hacker proceeded to exploit all the
systems the staffer was using. Gryps was one of them. Gryps was
running a very old version of freebsd. It was probably well enough
hardened against an attack from "outside", but it wasn't at all hardened
from an attack on the "inside". So, the vandal was able to get root on
gryps.
The vandal then proceeded to install a "rootkit", which was apparently
designed to protect the vandal against unintended discovery.
Unfortunately for the vandal, gryps was probably running a much older
version of freebsd than what the rootkit was designed to run on, so it
became obvious that something was broken (the "ls" command, of all
things, had an obvious "off-by-4" error reading directories.) The vandal
had also copied over a rather bad network sniffer. It appears to have
been designed to steal passwords, but would *probably* have been very
tedious to use in practice. We ran the sniffer long enough (after
taking appropriate precautions) to satisfy ourselves that it *could* be
used to steal passwords. The evidence suggests that the vandal was
rather stupid, and we don't know that he ever actually got around to
running the sniffer. So, we can *hope* he didn't have the time.
Nevertheless, we don't have any proof this is so, and it's conceivable
he could have stolen any # of passwords (perhaps even using another
better tool) before we noticed.
Gryps is down for the moment. It will probably be replaced by much
better hardware running openbsd, so hopefully we won't ever need to know
more about all the exact details of how the vandal compromised gryps.
Also, the staff member who unluckly got compromised claims to now be
using different passwords everywhere, so hopefully that will not be a
problem as well.
|
steve
|
|
response 174 of 222:
|
Jun 13 22:45 UTC 2000 |
A delightful soul in Labanon filled up /c with millions and millions
of "y"'s today, courtesy of the yes program. I found it just after the
last bit of disk had been eaten and got rid of it all.
|
mcnally
|
|
response 175 of 222:
|
Jun 13 23:17 UTC 2000 |
Lab-anon? Is that that support group for those who want to kick their
technical and scientfic habits?
|
keesan
|
|
response 176 of 222:
|
Jun 14 11:23 UTC 2000 |
What is the yes program?
|
davel
|
|
response 177 of 222:
|
Jun 14 12:06 UTC 2000 |
Try "man yes" to see.
|
janc
|
|
response 178 of 222:
|
Jun 14 17:11 UTC 2000 |
I just did "man yes" on my Linux system. It says:
NAME
yes - output a string repeatedly until killed
SYNOPSIS
yes [OPTION]... [STRING]...
DESCRIPTION
Repeatedly output a line with all specified STRING(s), or `y'.
--help display this help and exit
--version output version information and exit
SEE ALSO
The full documentation for yes is maintained as a Texinfo
manual. If the info and yes programs are properly
installed at your site, the command
info yes
should give you access to the complete manual.
Note that the "full documentation" in "info" is shorter than the
instructions to look in "info" for full documentation. Gnu software is
a wonderful thing, but sometimes I think the authors would benefit from
electroshock treatments.
|
remmers
|
|
response 179 of 222:
|
Jun 14 17:55 UTC 2000 |
Well, I'd expect a silly program to have silly documentation.
(The last paragraph of the man page was probably auto-generated
from a template that's used for all GNU software. Major GNU
programs do tend to have more extensive info documentation than
man documentation.)
|
krj
|
|
response 180 of 222:
|
Jun 14 19:52 UTC 2000 |
Any ideas why the queue to log in to Grex has soared this week?
|
steve
|
|
response 181 of 222:
|
Jun 14 20:30 UTC 2000 |
M-Net's being down? I think thats it. I've seen a slew of new logins and I
kinda
get the feeling that we're handing more mail than we usually do, too.
|
krj
|
|
response 182 of 222:
|
Jun 14 20:35 UTC 2000 |
I thought of the M-net outage too, but the queue surge has just been in
the last couple of days.
|
willard
|
|
response 183 of 222:
|
Jun 14 20:52 UTC 2000 |
Trying 204.212.46.130...
telnet: connect to address 204.212.46.130: Connection refused
telnet: Unable to connect to remote host
|
scg
|
|
response 184 of 222:
|
Jun 14 21:05 UTC 2000 |
inetd was dead. I just restarted it.
|
cconroy
|
|
response 185 of 222:
|
Jun 14 21:33 UTC 2000 |
Is there any legitimate use for the "yes" command (other than for
filling a disk)?
|
janc
|
|
response 186 of 222:
|
Jun 15 00:04 UTC 2000 |
Long long ago, some Unix admins would flick a switch that made "rm" ask "do
you really want to delete this file?" everytime you did "rm file". This was
really annoying because there was then no way to turn the prompt off, so when
you did "rm *" in a directory with 1000 files, you had to type "y" 1000 times.
So someone wrote "yes". "yes | rm *" worked. These days you can turn on the
prompt in "rm" without making it impossible to turn off, so I haven't seen
anyone do "yes | rm *" for about 17 years now. I presume "yes" is still there
for backwards compatibility. Lots of unix systems don't have it anymore.
|
mcnally
|
|
response 187 of 222:
|
Jun 15 00:21 UTC 2000 |
Basically it's a program to pipe stupid answers to programs that
ask stupid questions.. I've used it on occasion on certain installer
programs when I knew in advance that everything which was going to be
asked would take the same answer.
|
willard
|
|
response 188 of 222:
|
Jun 15 14:14 UTC 2000 |
It's also funny to use in party... "if ur from bangalore and u like
american girls with big booms, type !yes now"
|
