dcox@ssd.kodak.com (Don Cox) (02/04/91)
Every now and then I get a message informing me that my sys file has
been sent to such and such. I remember reading at one time that the
reason for this was to monitor the flow of news traffic. My question
is, how exactly is this accomplished? Does the requesting party send
a GIVE_ME_YOUR_SYS_FILE command to my nntp port? Does the requesting
party have to be acknowledged in my nntp_access list? (if the command
does come in on port 119)
Is this in any way a security problem? Could the same requesting
party send me a GIVE_ME_YOUR_PASSWD_FILE command? Thanks.
--
Don Cox
Phone (716) 253-7121 KMX (716) 253-7998
INTERNET dcox@ssd.kodak.comtale@rpi.edu (David C Lawrence) (02/04/91)
It is accomplished with the sendsys control message as described in
RFC 1036. There is no dependence on article propagation method like
NNTP. It is only a security hole if you put sensitive information in
your sys file, which you should not do. No other files may be
requested this way.
--
(setq mail '("tale@cs.rpi.edu" "tale@ai.mit.edu" "tale@rpitsmts.bitnet"))