RE: Speaking of security...

From: Eric Harrison (eharrison@private)
Date: Tue Nov 06 2001 - 18:17:04 PST

Next message: Heidi: "DoS"

Previous message: George Heuston: "FW: NIPC Daily Report 6 November 2001"
In reply to: McCall, Bill: "RE: Speaking of security..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 6 Nov 2001, McCall, Bill wrote:

>Did you tell them or keep the joke to yourself?
>
>bill mccall

I checked a couple of the more popular open-relay databases, it is not
exactly a secret. On three of the different databases I found black-holed
IP addresses that resolve to:

	relay.faa.gov
	atos.faa.gov
	rms.faa.gov

The only one of these servers that I can verify as currently operational
is relay.faa.gov. Atos does not respond and rms refuses connections to port
25. Hopefully they've cleaned up their act.

- -Eric

>-----Original Message-----
>From: Alan [mailto:alan@private]
>Sent: Tuesday, November 06, 2001 2:30 PM
>To: crime@private
>Subject: Speaking of security...
>
>
>I find this both extreamly funny and frightening at the same time. 
>
>faa.gov is an open mail relay.
>
>This means that anyone can forge mail that looks like it comes from the FAA.
>
>Want to ban laptops on flights? Screaming babies? Silly string?  Now is your
>
>chance.
>
>It also begs the question of whether the rest of the silly rules involving 
>nail clippers and the like are the result of forged e-mail.  (Nah! Too 
>rational.)
>
>You would think that the people who are charged with securing planes would
>do 
>a better job securing their servers...
>
>It does explain a lot though.
> 
>****************************************************************************
>This message is intended for the sole use of the individual and entity to
>whom it is addressed, and may contain information that is privileged,
>confidential and exempt from disclosure under applicable law.  If you are
>not the intended addressee, nor authorized to receive for the intended
>addressee, you are hereby notified that you may not use, copy, disclose or
>distribute to anyone the message or any information contained in the
>message.  If you have received this message in error, please immediately
>advise the sender by reply email and delete the message.  Thank you very
>much.                                                                       
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE76JmpH9eQw/Gi3tURAkkGAJ9Tui1hjxYgKOnnUhww3LZ32iPowgCaAn4y
9C94x4QzaM2v6U2dSpk6aIo=
=Wx24
-----END PGP SIGNATURE-----

Next message: Heidi: "DoS"
Previous message: George Heuston: "FW: NIPC Daily Report 6 November 2001"
In reply to: McCall, Bill: "RE: Speaking of security..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:30:15 PDT