Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!cis.ohio-state.edu!morganucodon.cis.ohio-state.edu!jgreely From: jgreely@morganucodon.cis.ohio-state.edu (J Greely) Newsgroups: comp.admin.policy Subject: Re: RFC on my "abuse" Message-ID: Date: 25 Jun 91 22:23:38 GMT References: <1991Jun25.154257.7452@m.cs.uiuc.edu> <1991Jun25.173013.3784@mp.cs.niu.edu> <1991Jun25.192914.23335@cs.utk.edu> Sender: news@cis.ohio-state.edu (NETnews ) Reply-To: J Greely Organization: Ohio State University Computer and Information Science Lines: 20 In-Reply-To: de5@ornl.gov's message of 25 Jun 91 19: 29:14 GMT Originator: jgreely@morganucodon.cis.ohio-state.edu In article <1991Jun25.192914.23335@cs.utk.edu> de5@ornl.gov (Dave Sill) writes: >Attempting to anonymous ftp to random sites is, in my opinion, rude at >worst. But any site admin that freaks out over the occasional attempt >hasn't got a firm grasp on reality. Actually, they may have a firmer grip than you. Older versions of ftpd had holes big enough to drive a truck through. If I spotted someone out at bfe.edu attempting to connect to each of our machines in turn, I'd be more than a little suspicious, and would probably send mail to the admins there asking them to check it out. If you were running a site, and you got mail from an administrator on the other side of the country (or the world) saying "someone at your site is trying to get into *all* of our machines", what would you do? It sounds like the actions taken by the original sysadmins were quite reasonable. -- J Greely (jgreely@cis.ohio-state.edu; osu-cis!jgreely)