Actually he has a point. The SANS conference I attended last year
included a demonstration of how sites are broken into. The first thing
the presenters did was give a talk about researching your target. One
thing they like to do is do searches in technical lists (e.g.
[EMAIL PROTECTED]) for the target’s domain name or even the name of a
known sysadmin. They use this technique to get clues on the
architecture of their target, and of course a lot of queries on this
list will lay out exactly what the architecture is.
I don’t use my employer’s hostname when sending email on this list for
that reason; though that’s about the only obfuscation I’m using.
I’ve been around the net long enough (worked at a University when the
net was run by DARPA; pre-web days) to bemoan the fact that finger
daemons were having to be disabled because they were used as a way to
collect spam targets. This is another example where people are having
to be less open.
=== Al
--- Steven Katz <[EMAIL PROTECTED]> wrote:
> I'm calling it domain.com to protect it's identity as it's currently
> in an extremely vulnerable state (which should be obvious from my
> questions). What's the big deal?
>
> Steven
>
>
> -----Original Message-----
> From: Chris Johnson
> Sent: Friday, April 13, 2001 2:33 PM
> To: Steven Katz
> Cc: [EMAIL PROTECTED]
> Subject: Re: smtp and pop not working
>
>
> On Fri, Apr 13, 2001 at 10:22:39AM -0700, Steven Katz wrote:
> > Both smtp and pop seem to be unhappy with me.
> >
>
> Your domain isn't domain.com, and if you tell the list members that it is,
> they'll ignore you.
>
> Chris
>
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
