dkpurks@nessus.UUCP (System Administrator) (11/29/88)
Our security people are trying to track down a rumor regarding hacking of PC Pursuit ID/PWs during uucp transmissions. If you have ever accidentally ended up with someone else's ID and PW in a log file somewhere, have had your ID/PW stolen during a uucp transmission, or have any ideas about how such a thing might happen, please let me know. Also, for testing purposes, could you please send me an example of your L.sys entry showing how you do your dialing? **PLEASE** remember to put dummy values in for your Pursuit ID/PW and for your system ID & PW. Dave uunet!telenet!nessus!dkpurks
karl@ddsw1.MCS.COM (Karl Denninger) (12/07/88)
In article <KPETERSEN.12451796923.BABYL@WSMR-SIMTEL20.ARMY.MIL> dkpurks@nessus.UUCP (System Administrator) writes: >Our security people are trying to track down a rumor regarding >hacking of PC Pursuit ID/PWs during uucp transmissions. If you >have ever accidentally ended up with someone else's ID and >PW in a log file somewhere, have had your ID/PW stolen during >a uucp transmission, or have any ideas about how such a thing >might happen, please let me know. We've ended up with a hacker trying to get our password and ID! The way it works is this: The "cracker" tells the network to connect to the dialin port (I assume he needs the PAD's address, which may or may not be hard to get). He then spoofs the "@" prompt, and you send your merry password and id, and he gets it. Nice! It's a Classic Trojan Horse. I called Telenet customer support immediately. Telenet tried to tell me what I had seen was impossible. How about "@ <nl><nl> Hello there from Cleveland." (!!!!!). Yep, that was what I saw once.... THAT particular person wasn't malicious, but others.... Then there were several hours on our id when they cut over to "really" billing for daytime usage.... hours which we couldn't have possibly really used. We had quite a nice spat with Telenet over those; they were finally dropped as "improper charges" (who knows what that meant). Be real careful with PC Persuit and your id/pw. From my experience it would appear that it is quite possible to be "horsed"..... -- Karl Denninger (karl@ddsw1.MCS.COM, ddsw1!karl) Data: [+1 312 566-8912], Voice: [+1 312 566-8910] Macro Computer Solutions, Inc. "Quality solutions at a fair price"
info-pursuit-request@bigtex.cactus.org (12/10/88)
Several months ago Telenet started using new PAD software that makes it impossible for anyone to connect to dialup PADs. It is no longer possible to use that method to get someone's PC Pursuit ID/Password. -------- PC Pursuit Mailing List is info-pursuit@uunet.uu.net Administrivia to info-pursuit-request@uunet.uu.net