Sibayan Das saw fit to inform LIH that:
> Last year arround Oct-Nov one fine mornin' I was playin' with Telnet. I was
> experimentin' on cal2 server of VSNL. As it is it was hackneyed. Then I
> tried FTP on cal2, which I never did. I got root access. I came out without
You want me to forward this to VSNL Calcutta? In fact, I will.
> any exploytation. Then after I did the same thing for 'bout 10 times for 2-3
> months. After that one day I along with my friends got a System Privilage
> saying VSNL is closin' all its shell accounts with telnet access. I don't
Primarily because of morons like you cracking their servers. Also
because we at CAUCE India complained to VSNL Calcutta that their servers
1. Were open relays (see http://www.orbs.org/otherresources.html for
more info on WHAT an open relay is)
2. Were full of security (including root access) holes, and lots of
people were downloading and cracking their /etc/passwd file, and
spamming all the users listed in the file.
VSNL, in their infinite wisdom, shut down port 23 (telnet) when our
complaints were about insecure port 25 (smtp). Anyway, it's pretty good
they did it - if they don't have enough of a clue to secure their
servers (simple thing would be to upgrade and patch their antique
boxes), they can at least prevent stupid script kiddies like you from
accessing unix accounts and trying out age old, commonly available hacks
(and thinking they are gr8 31337 h4x0r d00dz).
If cracking is your idea of "linux", I'd strongly advise you to
unsubscribe from the list ~before~ you are booted.
> know whether it was corelated but the fact is VSNL didn't check its Log for
> for at least 3 months. I've NT & *nix Pass Crackin' utilities, with the
Script kiddie for sure - real crackers wouldn't need any "utilities" to
break in to vsnl.
> help of that I can get the passes. I was ashamed thinkin' our leadin' ISP's
> system config was so poor. I did the same thin' with many other servers.
Hypocrite. If you could tell me which other servers, I'll take the
trouble to mail their admins. For now, am mailing Thaths - with the
request that he boot your miserable ass from the list. Thaths - please
take action - we can't have LI being populated by crackers.
> So if you discuss anythin' 'bout crackin', I'm always here for gatherin'
> knowledge. Any body can use this for security reason.
That's what they ALL say.
--
Suresh Ramasubramanian | President, CAUCE India
[EMAIL PROTECTED] | [EMAIL PROTECTED]
http://www.india.cauce.org | Stopping Spam In India
--
The debate rages on: Is PL/I Bachtrian or Dromedary?
-----------------------------------------------------------------------
For information on this and other Linux India mailing lists check out
http://lists.linux-india.org/
