Blog
This entry is here to lend some support and PageRank to a worthy cause. Jarle Dahl Bergersen recently received a “Cease and Desist” letter from Nikkens Swedish representative. If you know me, you know I don’t much care for the concept of “intellectual property” (sic) in the first place. Seeing it abused like this just reconfirms my believes that the whole system has gone bad and need to be replaced. So I guess I’ve broken some law or other now, and I fully expect some Nikken cartoony to send me my very own letter. Feel free.
Links:
http://db.org/2004/01/11/property-and-technology/
http://english.kakeboksen.org/archives/000310.html
Blog
Asbjørn Bjørnstad posted the following pearl to rec.photo.digital:
Funny how technology changes things. First you could count your things, and if something was missing, someone had stolen it. Simple.
Later, you could count other peoples things, and if they had something that was exactly what you had, then they had stolen it.
Now you look at peoples things, and if they have a map to where your stuff is, they have stolen it.
Blog
From Vernon Schryver:
“Each item in the following list was suggested by the words or actions of people who presented themselves to the IETF or elsewhere as having discovered the FUSSP. Some of the items may seem obscure to those who have not dealt with the IETF.”
http://www.rhyolite.com/anti-spam/you-might-be.html
This list should be required reading for anyone who think they have the “final solution” to spam.
Blog
Introduction
The db.org mail server at 195.159.29.203 and 195.159.29.204 has been used as a spam relay from approximately 2003/11/25 19:00 UTC until approximately 2003/11/26 03:45 UTC (a total of a little under 9 hours). The problem has now been corrected, and no further spam should originate from this server. This page will be continuously updated as more information about the attack is uncovered. I (Bob Johannessen, postmaster@db.org) would like to apologise for any inconvenience this has caused.
The problem
The problem seems to have been with the password checker used for SMTP AUTH. The password checker used a different protocol from the SMTP daemon, and the brain dead password checker defaulted to “allow” when it didn’t understand its input data. This resulted in anyone trying to authenticate with AUTH LOGIN, using any combination of username and password, was allowed to relay mail.
The volume
Based on the queue sequence number of the first undeliverable message and that of the the last message, the total volume is estimated at about 14.000 messages. Of these 11.000 was already delivered when the problem was identified. The remaining 3.000 messages was removed from the queue. Total damage is therefore approximately 11.000 messages.
The attacker
The approximately 3.000 messages in the queue when the attack was identified originated from the following addresses.
- 200.141.157.222 (RN141157222.user.veloxzone.com.br)
- 200.141.161.171 (PE161171.user.veloxzone.com.br)
- 200.158.237.63 (200-158-237-63.dsl.telesp.net.br)
- 200.164.136.170 (CE136170.user.veloxzone.com.br)
- 200.164.143.239 (CE143239.user.veloxzone.com.br)
- 200.164.143.5 (CE143005.user.veloxzone.com.br)
- 200.164.144.148 (CE144148.user.veloxzone.com.br)
- 200.164.144.236 (CE144236.user.veloxzone.com.br)
- 200.164.18.239 (BA018239.user.veloxzone.com.br)
- 200.164.244.135 (PE244135.user.veloxzone.com.br)
- 200.164.244.69 (PE244069.user.veloxzone.com.br)
- 200.165.112.248 (AL165112248.user.veloxzone.com.br)
- 200.165.16.151 (MG016151.user.veloxzone.com.br)
- 200.165.172.202 (172202.telemar.net.br)
- 200.165.193.64 (RJ193064.user.veloxzone.com.br)
- 200.95.11.213 (dsl-200-95-11-213.prod-infinitum.com.mx)
- 200.95.117.1 (dsl-200-95-117-1.prod-infinitum.com.mx)
- 200.95.119.11 (dsl-200-95-119-11.prod-infinitum.com.mx)
- 200.95.124.65 (dup-200-95-124-65.prod-infinitum.com.mx)
- 200.95.127.124 (dup-200-95-127-124.prod-infinitum.com.mx)
- 200.95.17.208 (dsl-200-95-17-208.prod-infinitum.com.mx)
- 200.95.46.247 (dsl-200-95-46-247.prod-infinitum.com.mx)
- 200.95.48.215 (dsl-200-95-48-215.prod-infinitum.com.mx)
- 200.95.72.214 (dsl-200-95-72-214.prod-infinitum.com.mx)
- 200.95.72.49 (dsl-200-95-72-49.prod-infinitum.com.mx)
- 200.95.73.201 (dsl-200-95-73-201.prod-infinitum.com.mx)
- 200.95.77.157 (dsl-200-95-77-157.prod-infinitum.com.mx)
- 200.95.82.253 (dsl-200-95-82-253.prod-infinitum.com.mx)
- 200.95.90.251 (dsl-200-95-90-251.prod-infinitum.com.mx)
- 218.72.11.98 (no reverse, whois@apnic.net points to chinanet.cn.net)
- 61.11.35.180 (no reverse, whois@apnic.net points to ddsl.net and directs abuse complaints to abuse@eth.net)
Blog
From RISKS Digest:
A US tourist’s trip through Bavaria ended with an unexpected visit to a supermarket when his car’s navigation system led him straight through the store’s doors. He depended entirely on the navigation system and did not notice approaching the supermarket until entering it.
Am I the only one who think the car’s navigation system is totally irrelevant to this story? I mean, if you think you can drive through a city without looking out the window, should you really be allowed to drive at all?