I think we're reaching the Twilight zone, so I'll be brief but there are blatent errors in this email. F> *** FTPPro does NOT ‘glean’ Passwords. *** Your email included the login that the user entered in your program. This is a fact. This login is a valid Skynet customer login. This has nothing to do with you site or your registration stuff. This user used your software to access his web page, using this particular login. By no means on earth should you be aware of what FTP logins your users enter when they use your FTP program. Your email (my post on bugtraq) submitted me not only with his login, but the host he was connecting to, and the IP he was from. All of this using your program. How the hell were you aware of these ? Answer to this simple question would clarify the debate, otherwise, I keep saying your program sent this information to your offices, which is maybe a feature to protect your intellectual property, but also a security concern for some system administrators, and the Bugtraq mailing list is meant for such concerns. F> It should be noted that the person who originally posted the complaint F> against our program is an active user of ‘warez’ sites. The person who posted the informative email (aka complaint) is me, system administrator for a nationwide ISP. F> Many damaging viruses have been spread by these illegal ‘warez’ programs. I just snip the rest. hallucinating. -- --< Cédric "Ced" Amand >---< Security Manager & Unix Sysadmin >-- --< http://cedric.net/ >---< @ Skynet - http://www.skynet.be/ >--
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:33:12 PDT