gam@uts.amdahl.com (Gordon Moffett) (02/08/89)
I found a sendsys message posted via news.admin with an 'na' distribution, shown below. Enclosed is the letter I sent to the relevant parties. The site it comes from is run by the fellow who posted the sendsys, so I wrote the following letter to his news feed, carbon copied to *that* site's news feed. And now, of course, to all you people: # To: devon!paul devon!postmaster # Cc: vu-vlsi!uuadm # # I caught this sendsys message passing thru my site, and as # it appears malicious I removed it before it could be passed on. # It would have caused -- maybe has caused -- a great waste of # transmit time thruout North America. # # Since Mr. Buda owns the macine that this came from, I # turn to his news feed as the person who could stop this. # Please talk to Mr. Buda about this. This is an irresponsible # use of the network. # # The message: # # > Path: amdahl!sri-unix!quintus!arisia!lll-winken!spl1!vu-vlsi!devon!chessene!root # > From: root@chessene.UUCP (This System) # > Newsgroups: control,news.admin.ctl # > Subject: sendsys # > Message-ID: <666@chessene.UUCP) # > Date: 6 Feb 89 07:36:58 GMT # > Control: sendsys # > Reply-To: hermit@chessene.UUCP (Mark Buda) # > Distribution: na # > Organization: The Hermit's Enclave, Lancaster PA # > Lines: 1 # > # > Thou shalt NOT fuck with rec.arts.startrek..... -- Gordon A. Moffett gam@uts.amdahl.com +1 408 746-8287 {ames,sun,uunet,decwrl}!amdahl!gam
gam@uts.amdahl.com (Gordon Moffett) (02/09/89)
I've since been told the sendsys message is a forgery, and I've apologized to the relevant parties. Such is Usenet. -- Gordon A. Moffett gam@uts.amdahl.com +1 408 746-8287 {ames,sun,uunet,decwrl}!amdahl!gam
paul@devon.LNS.PA.US (Paul Sutcliffe Jr.) (02/13/89)
In article <002qm24E=U1010oLkh.@amdahl.uts.amdahl.com> gam@amdahl.uts.amdahl.com (Gordon Moffett) writes: +--------- | I've since been told the sendsys message is a forgery, and I've | apologized to the relevant parties. Such is Usenet. +--------- As administrator of site devon (which feeds the site chessene, which was supposed to be the origin of the offending sendsys message in question), I wish to say, in public, that I accept Gordon's apology. Perhaps he'll forgive me for the harsh tone of my reaction to his initial e-mail message. Having said that, and hoping that the "forger" is reading this, I'd like to say that the brunt of this attack landed squarely on my site, not chessene. I'm writing this at ~2pm local time on the Sunday the 12th. A "last -5 uchesse" shows that chessene hasn't logged on since the early morning hours on Thursday: uchesse tty01 Thu Feb 9 04:14 - 04:53 (00:38) uchesse tty01 Thu Feb 9 01:15 - 03:59 (02:44) uchesse tty01 Wed Feb 8 02:15 - 05:05 (02:50) uchesse tty01 Wed Feb 8 00:15 - 00:16 (00:01) uchesse tty01 Tue Feb 7 23:14 - 23:15 (00:00) The installation of a Telebit modem on 2/6 has created the connection problem -- chessene's 1200bps modem refuses to connect through the Telebit modem, and devon's only other modem line is usually busy. Anyway, because of the lack of connect time with chessene, my paltry 30Mb /usr/spool filesystem (devon has only a *total* of 110Mb of disk space) has overflowed 4 times. Much of the mail and news destined for chessene the past several days has either fallen in the bit bucket, or been forcably removed by me to get my space back. I've talked on the phone with the admin of chessene, Mark (the intended victim), and we are working on a solution, but chessene is temporarily not available to the net. In all of this hassle, some e-mail messages have escaped my system saying that "we have been unable to contact site chessene ...", bound for the systems that tried to honor the sendsys request. I apologize to all for any inconvenience, I tried to stop them all, but I'm not on this system 24 hours a day. - paul -- Paul Sutcliffe, Jr. INTERNET: paul@devon.LNS.PA.US | How many whales do you have to UUCP: ...!uunet!sir-alan!devon!paul | save to get a toaster?