Path: utzoo!utgpu!watserv1!watmath!att!bellcore!rutgers!ucsd!ucbvax!LCS.MIT.EDU!sra
From: sra@LCS.MIT.EDU (Rob_Austein_@cup.portal.com)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: anonymous ftp, and the dangers thereof
Message-ID: <9006160506.1.12619@cup.portal.com>
Date: 16 Jun 90 12:06:58 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 19


   Date: 5 Jun 90 19:16:59 GMT
   From: stev@VAX.FTP.COM

   i know alot of people who have used the ITS systems at MIT. i never recall
   them telling me of problems with people "breaking in" and damaging
   something. what security ITS had was based on obsurity. i would like to hear
   from some of the ITS wizards about how security-through-obscurity wrked for
   them. 

It seems that at one point during his romp, Cliff Stoll's "Hanover
Hacker" made his way onto MX.LCS.MIT.EDU (Cliff calls it the "MIT MX
Computer").  According to Cliff, the guy spent about two hours poking
around before giving up.  His net accomplishment during that time was
to figure out how to list one of the GUESTn directories.  I don't
think he got as far as listing the contents of files.  The ITS command
processor is a little, er, eccentric.

--Rob Austein