Article: 7452 of alt.hackers
From: set@oryx.llnl.gov (Sam Trenholme)
Newsgroups: alt.hackers
Subject: Re: TEST
Date: 27 Feb 1995 06:28:33 GMT
Organization: LLNL Laser Modeling & Optimization
Lines: 30
Approved: Looking for a girl named Denise who goes to UCSC
Distribution: inet
Message-ID: 3irreh$rne@lll-winken.llnl.gov
NNTP-Posting-Host: oryx.llnl.gov
Status: RO

>123

Didn't work. The ObHack somehow got cut off. Must be some bug in your 
posting program.

ObHack:

This Post. (Just Kidding)

ObStayAwayKevinMitnickHack:

I wanted to make this machine here immune to packet-sniffing attacks, 
since I regularly log in to this machine through BARNET. The sysadmin 
here didn't feel that SKEY was necessary... since I'm the only person on 
this machine who logs into it remotely. Fortunatly, I had write 
permission on my login shell, since it's tcsh, which I installed myself 
as a user (it's in ~/bin, not /usr/local/bin). So I replaced tcsh with a 
program I wrote myself, which generates a one-time password, and will 
only execute a real shell if you type in the correct one-time password. 
Since my shell is not in /etc/shells, a cracker can't get in through 
FTP-- the FTP daemon thinks I have a "sorry" shell.

I'll mail it to anyone who wants it-- it's still a hack. For example, it 
core dumps if it doesn't see certain files in your home directory. The 
program obviously needs work before I post it to comp.sources.unix

Sorry if that didn't make any sense to those of you out there who aren't 
hopeless UNIX junkies.
-- 
Sam Trenholme-finger set@ocf.berkeley.edu-PGP:F49C2183787CBC49717524ED25CC90C9 

Child

Back to index