NetNews Usenet Archive 1992 #31

home *** CD-ROM | disk | FTP | other *** search

/ NetNews Usenet Archive 1992 #31 / NN_1992_31.iso / spool / comp / sys / amiga / datacomm / 8442 < prev next >

Wrap

Text File | 1992-12-31 | 3.5 KB | 80 lines

Newsgroups: comp.sys.amiga.datacomm Path: sparky!uunet!spool.mu.edu!umn.edu!csus.edu!netcom.com!gbartoli From: gbartoli@netcom.com (Guy Bartoli II) Subject: Re: CNET has BACKDOOR??? Message-ID: <1992Dec31.112538.19111@netcom.com> Organization: CLink - A Manly Network X-Newsreader: Tin 1.1 PL5 References: <rkushner.04q0@sycom.mi.org> Date: Thu, 31 Dec 1992 11:25:38 GMT Lines: 68 Ronald Kushner (rkushner@sycom.mi.org) wrote: : : >First off, be careful using the word "Backdoor," because that implies that : >the programmer purposefully put this method for gaining private passwords : >into the system -- which is not the case. : : I've heard backdoor rumors for the last 7 years...I dunno about a "password" : that will enter C-Net, but I've suspected there are little flaws that are : overlooked that take systems down.. I know of an 'oversight' in pre-2.0 C-Net : that will take the whole system down, some are still there. It's concieveable : that you could view passwords with the oversights in the system. I still : have a friend who's an EE major at U of M that swears up and down that C-Net : has flaws engineered into the system purposly, though I don't see the : authors of C-Net doing that since it can compromise the bottom line if : discovered. I agree. But due to the nature of this bug (an the rumour that Ken's board has also been hit), it is apparant that this was not purposefully put in by Ken himself. Like you said -- this is a business for him. Why would he want to compromise his business like that? Besides, if there were backdoors, why isn't Ken taking down all the pirated Cnet BBS's? : : >I'm not going to bother describing the method (bug) since I know people : >of more malicious attitudes will repeat it on their local CNet systems, but, : >any system that has been "attacked" by a hacker MUST delete their BBS.udata : >files since the hacker has most-likely attained every user's password and : >you will never get rid of the *sshole. : : Humm....Sounds like a real solution. It's actually the only solution. If a hacker has gotten ahold of a single passcode, then the chances are good that he has everyone's. : : >PLEASE! This is not a backdoor. It's a bug in the system that someone has : >uncovered and is taking advantage of. There should be a fix up on the : >support board (Future World) immediately! If you haven't had a hack attempt : >yet, do not delete your BBS.udata ... if someone has gotten ahold of one : >password, he probably has 'em all, so restart your userlog. : > : : Are you saying this flaw is known about by the authors of C-Net where there : is an immediate fix ready for immediate release? Is there a fix for people : who didn't pay for an upgrade to 2.0 C-Net? I'm no longer a CNet sysop, myself, but I've got several good friends who are. One of which apparantly has spoken directly to Ken about this and I wouldn't be surpirsed if there was a fix out at the time of this writing. As far as a fix for people who didn't pay for an upgrade to 2.0 C-Net, I'm not 100% certain as to what you are referring to. In any case, I don't speak for Perspective, so you'd have to get in touch with them for that answer. : : >p.s. I'm in no way connected to Perspective Software, the hacker, or : >Barbara Bush. Thank you. : : Me neiher... Cheers! -- ========================================================================== Guy Anthony Bartoli = Jagulars wait up in the trees and yell "Halloo." gbartoli@netcom.com = When you look up ... they fall on you. -- Pooh ==========================================================================