On Mon, Nov 20, 2000 at 02:14:57AM +0100, Piotr Kasztelowicz wrote:
> The hackers read ORBS data base called by its "insecure hosts"
> and apply to break hosts direclty from list!
ORBS only lists hosts that are open mail relays. ORBS doesn't list
hosts that are not open relays but have other vulnerabilities.
ORBS is not a list of hosts with insecure telnet daemons.
ORBS is not a list of hosts with insecure ftp daemons.
> The ORBS insecure hosts' data base is possible to read for all,
> but I think logic, that should be first of all for administator
> of indicated host, and when they made nothing to improve security,
> then could be disscused to inform about such host widely.
ORBS is meant to blacklist problem hosts immediately, to curtail
damage to other systems.
> Also answer the question why, the hackers finished with proofs,
> when I have blocked complete access to my host for ORBS?
Maybe the "hackers" have nothing to do with ORBS. Your only shred
of proof is a connection attempt to telnet from Romania.
> And why I'm existing still in data base of insecure hosts,
> when my host is already secure and works on recommended software
> (qmail, tcpserver)? I'm existing, because I let me to request
> to finish scanning smtp my host and I'm established by ORBS
> as "bad"?
Send mail to ORBS and try to resolve this with them.
PGP signature
