Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!ccu.umanitoba.ca!herald.usask.ca!alberta!ubc-cs!uw-beaver!zephyr.ens.tek.com!tektronix!percy!m2xenix!quagga!undeed!levy
From: levy@Daisy.EE.UND.AC.ZA (David Levy)
Newsgroups: comp.admin.policy
Subject: Re: RFC on my "abuse"
Message-ID: <1991Jun28.094738.29168@Daisy.EE.UND.AC.ZA>
Date: 28 Jun 91 09:47:38 GMT
References: <1991Jun25.154257.7452@m.cs.uiuc.edu> 	<1991Jun25.173013.3784@mp.cs.niu.edu> 	<1991Jun25.192914.23335@cs.utk.edu> <JGREELY.91Jun25172338@morganucodon.cis.ohio-state.edu> <ben.677904030@dragonfly.wri.com>
Organization: Univ. Natal, Durban, S. Africa
Lines: 38

In <ben.677904030@dragonfly.wri.com> ben@wri.com (Ben Cox) writes:

>jgreely@morganucodon.cis.ohio-state.edu (J Greely) writes:

>>Actually, they may have a firmer grip than you.  Older versions of
>>ftpd had holes big enough to drive a truck through.  If I spotted
>>someone out at bfe.edu attempting to connect to each of our machines
>>in turn, I'd be more than a little suspicious, and would probably send
>>mail to the admins there asking them to check it out.

>Once, I had to install a UUCP connection.  I tried to test it out.  I got
>mail from Rick Adams (!) telling my that my attempts at "testing" security
>of UUNET were not considered friendly.  It turns out that the thing I used to
>test our UUCP connection used to be a bug and would have, in the olden days,
>allowed me access, but had since been fixed.  UUNET had assumed I was testing
>for the presence of this bug, when in fact, I was totally unaware of the bug,
>and was simply trying to test our connection (I had been expection a message
>back telling me my uux failed, but never got it).

>The moral of the story: sometimes your actions look much more suspicious than
>you think they do

The network software is horribly full of holes, bugs and other problems,
but is in heavy use by a wide variety of people, which has led to well-known
disasters, so administrators become paranoid, and dump on users who try to do
reasonable things because the network goes wrong. Examples abound of things
like 50 (or 500) copies of a file being shipped by a mail server for no
obvious reason (to the user), etc etc.
The moral - fix the software, dont nail users, and take a tranquilliser if
your paranoia gets out of control!

Dave Levy

-- 

David C Levy, Dept of Electronic Eng, Univ of Natal, King George V Ave, Durban,
South Africa,  levy@ee.und.ac.za,  levy%ee.und.ac.za@saqqara.cis.ohio-state.edu
m2xenix!quagga!levy%undee@uunet.uu.net,      levy.undee@f4.n7104.z5.fidonet.org