To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.admin.suggestionsOpen lugnet.admin.suggestions in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Administrative / Suggestions / 804
803  |  805
Subject: 
 Re: Message awaiting authentication
Newsgroups: 
 lugnet.admin.suggestions
Date: 
 Mon, 1 Dec 2003 15:34:23 GMT
Viewed: 
 1240 times
  
In lugnet.admin.suggestions, Larry Pieniazek wrote:

So maybe this is a valid topic for discussion.

Nobody said it wasn't! Rereading what Todd said in that post I don't
see how a standard NNTP client would necessarily supply the
authentication stuff so I'm not sure I see how it would help. Can
standard NNTP clients be coerced into adding additional header tags
or something?

Been a bit too busy to reply to this, but...  Once again you're
selfishly thinking about the client side.  No! No! No!  While you
could run this sort of thing on the client, the right place is on
the lugnet server.  Now I don't have much experience with NNTP,
but I've played with SMTP which does this sort of thing routinely.

Start with a small port forwarding proxy like tcprelay and have it
relay everything from port 12345 to the normal lugnet NNTP port.
Actually a small NNTP authentication proxy like nnap would be a
great start.

  http://www.freebsdcluster.org/~lasse/software/nnap.c

You set this up to do NNTP authentication with lugnet usernames and
passwords before it goes about forwarding things.  Now here comes
the tricky part.  Cache the username and password so that whenever
a new post comes in to the proxy, it can rewrite the header to undo
any username spoofing.  Then forward the post, and (I like this part)
automatically send a lugnet authentication email with the cached
username and password.  The nice part is this works on top of the
current authentication system, but can be enabled or disabled
independently.

Ok, maybe I missed some of the details about the authentication
email.  I haven't seen one in a while so I don't remember what's in
one of them.

Enjoy,

Don



Message has 1 Reply:
  Re: Message awaiting authentication
 
"Don Heyse" <dheyse@hotmail.spam....away.com> wrote in message news:Hp839B.8zy@lugnet.com... (...) Or just automatically for a time that logarithmically increases with each spoofed post. Oh, and spoofed posts would be rejected too. That would teach (...) (20 years ago, 30-Jan-04, to lugnet.admin.suggestions)

Message is in Reply To:
  Re: Message awaiting authentication
 
(...) Todd Months aren't always under 31 days each. (...) Nobody said it wasn't! Rereading what Todd said in that post I don't see how a standard NNTP client would necessarily supply the authentication stuff so I'm not sure I see how it would help. (...) (21 years ago, 28-Nov-03, to lugnet.admin.suggestions)

6 Messages in This Thread:


Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact

This Message and its Replies on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR