Dear LEGO : 737


Dear LEGO / 737

		Re: Brad Justus is real
(...) Actually, no, it's not possible to effectively forge messages here. Yes, you can post messages using someone else's name (easily, even). But it is _not_ possible to forge the originating IP in Todd's logs. Which means that even though _we_ (...) (25 years ago, 12-Dec-99, to lugnet.dear-lego)

		Re: Brad Justus is real
(...) Not to spread paranoia, but... offhand, I can think of three different ways to forge the IP in Todd's logs. Supposing someone wanted to pose as Brad Justus: one could a) break into Brad's machine and post from there b) break into Todd's (...) (25 years ago, 13-Dec-99, to lugnet.dear-lego)

		Re: Brad Justus is real
(...) Point 1, he uses IE on Windows NT (if we can believe the first message, at least). So no remote breaking in. Which leaves physical access - which is IMHO rather unlikely. (...) Break into a high-security FreeBSD box? Highly unlikely, (...) (25 years ago, 13-Dec-99, to lugnet.dear-lego)

		Re: Brad Justus is real
(...) Why not? BO2K runs on Windows NT and Win2000 boxes. (The new version of Netbus does too, but I'm not sure if that's publicly available yet.) (...) But if you anticipate what packets the remote side will return, you can generate the appropriate (...) (25 years ago, 13-Dec-99, to lugnet.dear-lego)

		Re: Brad Justus is real
Moving this to .debate, for lack of lugnet.off-topic.comp.risks. (...) BO isn't cracking - it's carelessness on the part of the crackee. Anyone can distribute happy99.exe, but breaking root on an up-to-CERT unix box is something very few can do. (...) (25 years ago, 14-Dec-99, to lugnet.dear-lego, lugnet.off-topic.debate)

		Re: Brad Justus is real
(...) Sure. But the issue isn't how it happened. The end net effect is the same -- it makes it easy to do something that's coming from someone else's box. (...) Again, true but probably not relevant -- such info certainly isn't in news server logs. (...) (25 years ago, 14-Dec-99, to lugnet.off-topic.debate, lugnet.off-topic.geek)