Forwarded from: security curmudgeon <jerichoat_private> ---------- Forwarded message ---------- From: Declan McCullagh <declanat_private> X-Sender: declanat_private To: politechat_private Date: Tue, 06 Nov 2001 08:53:04 -0500 Subject: FC: FAA.gov ran open mail relay, could let people forge FAA email [Excerpted from RISKS Digest Vol 21 Issue 73. (ftp://ftp.sri.com/risks) --DBM] [...] Date: Sun, 4 Nov 2001 17:15:16 -0500 (EST) From: Bill Duncan <bduncanat_private> Subject: FAA Asleep at the Control Column? A few days ago while looking through the e-mail rejection logs, I was surprised to find some e-mail blocked by virtue of being in an RBL list and coming from a host in the FAA.GOV domain. The e-mail was obvious spam, as I'd blocked the same sender (from a domain in the UK) from various other addresses. Being a new private pilot and with the recent of September events fresh in my mind, I quickly investigated. Sure enough, there was a host on their network, loaded with software from that outfit in Redmond, and happily spewing relayed mail. (I tested whether it would relay mail from anywhere to anywhere else by telneting to its smtp port.) Furthermore, to get on this exclusive RBL list, the e-mail relay must've been in operation for some time. Imagining scenarios where relaying e-mail through the FAA system might at best be an embarrassment, and at worst might be some kind of a security threat, I immediately e-mailed whatever addresses I could find on their website as well as the usual postmasterat_private etc. So far, no response, and according to my log files, I'm still rejecting spam from them. While many US Federal Government agencies are discovering the virtues of Open Source for security, I'm dismayed to find that the FAA is still using software well known for insecurities on their website as well as other hosts connected to the Internet. Getting junk e-mail relayed through the FAA might be just an annoyance, but it might also point to other security issues there. So if you get any e-mail from the FAA, be careful. It's probably just SPAM, but it might be worse. Follow-up: Mon, 5 Nov 2001 15:41:11 -0500 (EST) I didn't want to include the identifying IP address in the original submission, to protect the guilty, but it looks like they took it off this morning. I tried pinging the address and they are no longer there. The last SPAM which was sent my way from that address was at 1:15 this morning EST. Although I e-mailed about 4 addresses at the FAA, including one for emergency response, I've received no replies as yet. But I guess the message finally got through this morning. Maybe they'll take it as a wakeup call, which I didn't think they'd really need after the recent events... Here's the last log entry from my mail log, with the local address changed. I'm using Exim. 2001-11-05 01:15:18 recipients from atos.faa.gov [18.104.22.168] refused 2001-11-05 01:15:18 recipient <localnameat_private> refused from atos.faa.gov [22.214.171.124] sender=<masterdisc8745at_private> (host_reject_recipients) Bill Duncan, VE3IED http://www.beachnet.org bduncanat_private +1 416 693-5960 [...] Date: Thu, 1 Nov 2001 20:39:12 -0500 From: Monty Solomon <montyat_private> Subject: Sony uses DMCA against Aibo Enthusiast's Site Sony Dogs Aibo Enthusiast's Site Courts: The company uses a controversial law to stop owners from altering the robotic pet. Some consumers balk. Sony Corp. is using a controversial U.S. law aimed at protecting intellectual property to pull the plug on a Web site that helps owners of Aibo, Sony's popular and pricey robotic pet, teach their electronic dogs new tricks. Aibo owners are outraged, and hundreds have vowed to stop buying Sony products altogether until the company backs off. Sony has sold more than 100,000 Aibos worldwide since 1999, at prices ranging from $800 to $3,000. The dogs have spawned a community of enthusiasts who fuss over the mechanical marvels as if they were real canines. [Source: Article by Dave Wilson and Alex Pham, *Los Angeles Times*, 1 Nov 2001] http://www.latimes.com/business/la-000086726nov01.story?coll=la-headlines [...] ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. Declan McCullagh's photographs are at http://www.mccullagh.org/ To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ ------------------------------------------------------------------------- - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Nov 07 2001 - 03:00:30 PST