Hello, anyone know why I get this when I post anything to this list?
Fatal Error: \n \nQuota for user [EMAIL PROTECTED] exceeded! \n \nOriginal message follows: \n \n it's from their mail delivery subsystem. Ed -----Original Message----- From: Ed Street [mailto:[EMAIL PROTECTED] Sent: Thursday, May 24, 2001 12:10 PM To: debian-security@lists.debian.org Subject: RE: strange log entry Hello, that's simple ;) If they was stable/non-exploitable then we'd be using rpc inplace of ssh ;) Ed -----Original Message----- From: Jacob Meuser [mailto:[EMAIL PROTECTED] Sent: Thursday, May 24, 2001 8:41 AM To: debian-security@lists.debian.org Subject: Re: strange log entry On Thu, May 24, 2001 at 04:06:08AM -0800, Ethan Benson wrote: > On Thu, May 24, 2001 at 04:50:57AM -0700, Jacob Meuser wrote: > > > > > BS, when was the last time you installed OpenBSD? I just did an install > > 2.5 That was what, 2 years ago? > > > today. I guarantee portmap, ruserd, and rstatd are enabled by default, > > as the installer doesn't even ask what you want to activate, and these > > programs are part of the base tarball. > > in 2.5 ftpd, portmap, smtp, and identd were open, i am pretty sure > rstatd was not. 2.6 i think disabled ftpd by default, shortly > thereafter a root hole was found in openbsd's ftpd and they prompty > said `ftpd is not enabled in the default install of 2.6 (or whatever) > and thus there is no root hole in our default install' > Ah, they probably caught the problem shortly before 2.6 release, and didn't have time to fix ftp code, but changing rc.conf was doable. Anyway, as of 2.9, portmap, rstatd, ruserd, time, daytime, comsat, sshd and identd are enabled by default. Like I said, I didn't want to start a discussion about OpenBSD vs Linux, I have seen posts from you saying that you like some features of OpenBSD, /sbin/nologin for example. I'm just curious why the 'r' tools are apparently so vulnerable in Linux. If the OpenBSD folks are willing to risk creditability by claiming that their default install has no remote holes, while enabling portmap and rstatd by default, why can't Linux users feel safe running those daemons also? <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]