Path: utzoo!attcan!uunet!husc6!uwvax!vanvleck!uwmcsd1!leah!itsgw!nyser!njin!aramis.rutgers.edu!porthos.rutgers.edu!webber From: webber@porthos.rutgers.edu (Bob Webber) Newsgroups: news.admin Subject: Re: sendsys Message-ID: Date: 23 Jun 88 23:40:12 GMT References: <107@carpet.WLK.COM> Distribution: na Organization: Rutgers Univ., New Brunswick, N.J. Lines: 101 To: bill@carpet.WLK.COM In article <107@carpet.WLK.COM>, bill@carpet.WLK.COM (Bill Kennedy) writes: > In article <710@vsi1.UUCP> lmb@vsi1.UUCP (Larry Blair) writes: > ... > I can not disagree with Larry, I posted a complaint yesterday and suggested > that the malicious mischief be severely punished. Personally I agree with >what Larry considers "severely punished". I would have the user's plug pulled > before they could blink. My point is that we're not certain whether it is > Webber or someone trying to flood Webber's mailbox. Personally I think it's > Webber but I have no evidence or proof, but the rutgers news administrator > has a log. If he did, indeed, post the sendsys messages, they will appear > in the rutgers log. If he didn't then they won't. The rutgers log was been inspected as soon as I found out what was going on. As pointed out before, the purpose was to find out if they went out from rutgers itself or not. They didn't go out from rutgers. [If you are so bloody curious about it and won't take my word for it, send mail to the sysprog who looked it up for me, mcgrew@aramis.rutgers.edu.] > > Well, Mel, the ball's > >in your court. Are you going to allow this "JJ" to continue? > > That's not altogether fair to Mel, I don't think he's the news administrator. Actually he is the news administrator. He is also at USENIX as has been mentioned countless times before. > He's certainly a very visible figure at rutgers, but I don't think he bears > the news cross too. I _do_ think we deserve a report, one way or another as > to whether or not Webber posted the sendsys. It shouldn't be that hard to > grep out of the log. A simple "nope, he didn't" or "yup he did" would be > enough to shut me up on the subject. The matter of appropriate punishment > becomes more tangled. Well, actually the logs would be completely meaningless. Since I don't have an account on rutgers, I would have to break in in order to make the posting. If I had broken in, then anything on the machine would be suspect. If someone else broke in, then anything on the machine would be suspect. The fact that I don't have an account on rutgers.edu was already verified by killer!wisner via finger (something any arpa user can do to look at rutgers.edu). It is a silly little Sun-3 with loads of 20 or so and not the sort of machine people who don't absolutely need access to get accounts on. [Even my request based on the notion that it was the only machine at rutgers from which the bay area groups could be read was turned down as insufficient reason for an account.] > For the sake of this example *ONLY*, let's assume that Bob Webber is a > mischievous meddler and did this for some obscure reason. OK, you are Actually, why don't we assume, for the sake of this example *ONLY*, that Bill Kennedy is a mischievous meddler and did this for some obscure reason. OK, you are > the news administrator at rutgers, what do you do? Perhaps the net is the news administrator at rutgers, what do you do? My preference would be to drop WLK.COM from the maps. > demanding his scalp. He's faculty and can make an airtight case for need > to use the UNIX system so you can't do what Portal did, i.e. cancel his > account. Do you go in and hard code his user ID into the posting programs > to send them to /dev/null? Definitely the simplest thing to do. But rutgers is a university environment running a rather complicated network of unix boxes. Picking up someone elses account at a university has always been a trivial matter. Back when I first used school computers, the game was to pick up a card deck from the output racks, dupe the password card etc., and then return the deck to the racks (if asked about it -- just say you picked it up by mistake). With hardcopy terminals came the art of reading typewriter ribbons. Watching people type in their passwords has always been a winner (a lot of slow hunt-and-peck typists around these days). [I remember one day when it was discovered that someone had added a new game to the online basic library that asked each user for a password before going on -- quickly yanked off the system when it was discovered that users were typing in their login passwords and the program was recording them in a file. How stupid can a naive computer user with a free acount be? It boggles the mind.] The list goes on ... > ... Some news wizard has found a way to fake news paths and things > to make them look like someone else did it. They take it upon themself to > punish people with whom they disagree (e.g. Webber, weemba, Mark Ethan Smith, > even JJ). They do this and get everyone screaming about someone that we're > probably already mad at, step back and enjoy the conflageration. Now *THAT* > is the one who needs their plug pulled! The (five by my count) sendsys > and "Speaker for the Net" or whatever it was are trivial when compared with > the truckloads of traffic they spawn (this posting included!). ``Speaker To the Net'' [cf Larry Niven's Ringworld] with Sender: webber... From: net.rarebit... were legitimate normal postings (at least the ones that I have seen) and in no way to be confused with forged messages such as the sendsys thing. > JJ sent a > few Kbytes, we lobbed grenade after grenade, maybe gigabytes. The person > who torches something for the sheer enjoyment of watching it needs to be > promptly and surgically removed from the net (even if it _is_ Bob Webber). Actually, these _Bill Kennedy_ postings seem pretty inflamatory to me. Time for some chainsaw surgery? ------ BOB (webber@athos.rutgers.edu ; rutgers!athos.rutgers.edu!webber)