Path: utzoo!utgpu!attcan!uunet!husc6!cmcl2!rocky8!cucard!ccnysci!dan
From: dan@ccnysci.UUCP (Dan Schlitt)
Newsgroups: news.sysadmin
Subject: Re: Getting Even
Summary: There is plenty of blame to go around
Keywords: worm sendmail
Message-ID: <973@ccnysci.UUCP>
Date: 9 Nov 88 14:36:12 GMT
References: <367@execu.UUCP> <265@acheron.UUCP> <1636@pikes.Colorado.EDU> <5343@medusa.cs.purdue.edu>
Reply-To: dan@ccnysci.UUCP (Dan Schlitt)
Organization: City College of New York
Lines: 37

Spaf, you are probably correct in your comments, particularly those about blaming the victim. However....

Well, I probably can view the problem of the worm with a bit of detachment since we are not yet connected to the internet and thus did not get attacked by it. But there are a group of people who I have not seen mentioned who should share a good part of the blame for the extensive propagation of the worm.

When I get the BSD distribution as a university site I know what I am getting. It is not a polished commercial product and I take the responsibility for cleaning things up if they bother me. I saw the trapdoor code several times as I looked at the source. I wasn't curious enough to check out what it did nor sharp enough to see the problems it might create. If I had been bitten then I would be kicking myself for contributing to the problem.

On the other hand, some of the machines that were attacked were running what purports to be a commercial product. In the tcp-ip group there has recently been discussion of the documentation and setup on the distributed operating system that creates many problems, including security problems, when the machines are connected to the internet. It seems to me that there is good reason for some serious soul searching in some corporate headquarters over what has just happened.

And that shouldn't be applied just to that organization. I have a computer from yet another vendor with the sendmail trapdoor. I will patch that binary too.

But I ask you, why should a vendor distribute programs compiled with DEBUG defined?

--
Dan Schlitt           Manager, Science Division Computer Facility
dan@ccnysci           City College of New York
dan@ccnysci.bitnet    New York, NY 10031
                      (212)690-6868