From: Lyman Hazelton <lrh@crl.com>
Date: Tue, 2 Aug 94 10:18:54 PDT
To: cypherpunks@toad.com
Subject: Re: "Anon" fake...
In-Reply-To: <9408021528.AA10247@snark.imsi.com>
Message-ID: <Pine.3.87.9408021022.A26442-0100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 2 Aug 1994, Perry E. Metzger wrote:

> 
> nzook@fireant.ma.utexas.edu says:
> > Folks, we GOTTA do something about this...
> 
> The obvious and simple fix is to put code into the Majordomo
> implementation to prevent the subscription of an*@anon.penet.fi (note
> -- this wouldn't prevent subscriptions as na*@anon.penet.fi). I've
> pointed this out before -- unfortunately, the list maintainers don't
> have time to do it. Maybe someone could volunteer to do the change?
> You'd have to talk to Eric Hughes about how to do the work.
> 
> Perry
> 

Perry (and other c'punks),

  I don't think the mechanism employed by the hacker is using "who" at 
all.  Rather, it is someone who is subscribed to the list and has a 
program which looks at the author of each message to see if it is someone 
already in their database.  If it is someone new, it automatically sends 
a message for that person into the anon service.  If not, it simply 
ignores the message.  There are LOTS of silent listeners on the list and 
it could be ANY of them.  Stoping this is not going to be easy.  I don't 
suppose Julf@penet.fi would be interested in recording the name of the 
site where all these requests are originating?  Any other ideas?

						Lyman

Finger lrh@crl.com for PGP 2.4 Public Key Block.