MOO-cows Mailing List Archive
[Prev][Next][Index][Thread]
Logging and Security Hole.
-
Date: Tue, 30 Jan 1996 06:16:45 PST
-
From: Robert Lance Milby <NStalker@tory.adsnet.com>
-
Content-Type: TEXT/PLAIN; charset=US-ASCII
Ok, here's the problem, about a month ago we had a guest log in and using
a loop hole in our Core DB (LambdaCore-1Oct94.db) to get email addresses
for different players... As far a I can tell we have no players from this
site that the guest logged in from. Is this a known loop-hole with a
patch or just some guy who happened to know a few players from other
sites and thier email makeing me paranoid.. He said it was an easy fix
but didn't give us any more info than that.. I have no clue how he did
it, but would like to know..
Secondly, I'd like a way to log all commands that a grey listed site
issues into the server log.. I think all I have to do is modify the
$command_utils:do_huh, but I think that this would be a nice addition to
the next LambdaCore. Since Greylisting is suppose to be a warning of
problems, have it log all commands from those sites.. Comments Welcome.
In Him, for Him
---------------------------------------------------------------------
Night Stalker | telnet tory.adsnet.com 7777
Tory Moo | http://tory.adsnet.com/
KD4MZU | email: NStalker@tory.adsnet.com
Follow-Ups:
Home |
Subject Index |
Thread Index