Just a sample of the Echomail archive
[ << oldest | < older | list | newer > | newest >> ]
| Message 271 |
| mark lewis to Oli |
| Pssword ord ord case insensitive or not? |
| 22 Apr 20 15:57:16 |
TZUTC: -0400 MSGID: 97.fido-net_dev@1:3634/12 2305d7fd REPLY: 2:280/464.47@fidonet 5ea09cfb PID: Synchronet 3.18a-Linux Apr 22 2020 GCC 7.5.0 TID: SBBSecho 3.10-Linux r3.160 Apr 22 2020 GCC 7.5.0 CHRS: ASCII 1 NOTE: FSEditor.js v1.103 Re: Pssword ord ord case insensitive or not? By: Oli to Alan Ianson on Wed Apr 22 2020 21:37:31 Oli> I wonder why we still use packet passwords. at one time, fidonet has had some folks that like to ""play games""... one of their games was to take messages from another (adult-oriented) network, replace their headers with message headers from legitimate fidonet messages, and then drop those bogus messages off in unsuspecting systems inbounds... they generally used someone else's node number for these injections... at that time, packet passwords were not as widely used and figuring out how to get a system's session password was (and still is) fairly easy to do... one of the suspected goals of these pranksters(??) was to try to increase security in fidonet... so the victim systems, saw the mail from a supposedly legitimate link and tossed it... the result was chaos... Oli> Why not create a inbound filebox for every node/point that calls Oli> and rely on the session password? two layers of protection are better than one... at least, that's the current thought... witness today's internet logins using a password as well as an authentication token sent via SMS or similar... Oli> Is there any (open source) mailer or tosser that support inbound Oli> fileboxes? binkd supports inbound fileboxes... i'm not sure about tossers, though... when i was using inbound fileboxes on my previous system, i had a script that located inbound traffic in the inbound fileboxes and moved it to a central processing directory where the tosser could find it... in addition to moving the traffic, the script did some additional processing to attempt to validate the traffic as being authentic before the tosser was allowed to process it... the traffic was also archived for later analysis if needed... it wasn't really pretty but it worked ;) )\/(ark --- SBBSecho 3.10-Linux * Origin: SouthEast Star Mail HUB - SESTAR (1:3634/12) SEEN-BY: 1/120 123 18/0 200 90/1 103/705 116/116 120/340 601 123/0 SEEN-BY: 123/25 50 150 160 170 755 135/300 153/7001 7715 154/10 30 SEEN-BY: 154/40 50 700 203/0 221/0 6 226/30 227/114 400 229/426 1014 SEEN-BY: 240/5832 249/206 317 261/38 280/464 5003 288/100 292/854 SEEN-BY: 292/8125 300/4 310/31 317/3 322/757 342/200 396/45 423/120 SEEN-BY: 633/280 712/848 770/1 3634/0 12 15 24 27 50 119 PATH: 3634/12 154/10 280/464 229/426 |
[ << oldest | < older | list | newer > | newest >> ]