Subject:
|
Re: Message awaiting authentication
|
Newsgroups:
|
lugnet.admin.suggestions
|
Date:
|
Mon, 1 Dec 2003 15:34:23 GMT
|
Viewed:
|
1280 times
|
| |
| |
In lugnet.admin.suggestions, Larry Pieniazek wrote:
>
> > So maybe this is a valid topic for discussion.
>
> Nobody said it wasn't! Rereading what Todd said in that post I don't
> see how a standard NNTP client would necessarily supply the
> authentication stuff so I'm not sure I see how it would help. Can
> standard NNTP clients be coerced into adding additional header tags
> or something?
Been a bit too busy to reply to this, but... Once again you're
selfishly thinking about the client side. No! No! No! While you
could run this sort of thing on the client, the right place is on
the lugnet server. Now I don't have much experience with NNTP,
but I've played with SMTP which does this sort of thing routinely.
Start with a small port forwarding proxy like tcprelay and have it
relay everything from port 12345 to the normal lugnet NNTP port.
Actually a small NNTP authentication proxy like nnap would be a
great start.
http://www.freebsdcluster.org/~lasse/software/nnap.c
You set this up to do NNTP authentication with lugnet usernames and
passwords before it goes about forwarding things. Now here comes
the tricky part. Cache the username and password so that whenever
a new post comes in to the proxy, it can rewrite the header to undo
any username spoofing. Then forward the post, and (I like this part)
automatically send a lugnet authentication email with the cached
username and password. The nice part is this works on top of the
current authentication system, but can be enabled or disabled
independently.
Ok, maybe I missed some of the details about the authentication
email. I haven't seen one in a while so I don't remember what's in
one of them.
Enjoy,
Don
|
|
Message has 1 Reply: | | Re: Message awaiting authentication
|
| "Don Heyse" <dheyse@hotmail.spam....away.com> wrote in message news:Hp839B.8zy@lugnet.com... (...) Or just automatically for a time that logarithmically increases with each spoofed post. Oh, and spoofed posts would be rejected too. That would teach (...) (21 years ago, 30-Jan-04, to lugnet.admin.suggestions)
|
Message is in Reply To:
| | Re: Message awaiting authentication
|
| (...) Todd Months aren't always under 31 days each. (...) Nobody said it wasn't! Rereading what Todd said in that post I don't see how a standard NNTP client would necessarily supply the authentication stuff so I'm not sure I see how it would help. (...) (21 years ago, 28-Nov-03, to lugnet.admin.suggestions)
|
6 Messages in This Thread:
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|