LISTSERV - HP3000-L Archives

HP3000-L Archives

July 1999, Week 3

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L July 1999, Week 3

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Converting 9000 to 3000
From:	Mark Bixby <[log in to unmask]>
Reply To:	[log in to unmask][log in to unmask]
Date:	Fri, 16 Jul 1999 09:40:30 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (52 lines)

Joe Geiser writes:
> So, in essence, although DejaNews keeps quite the archive, it is by
> no means the only newsfeed in the world - just probably the most
> comprehensive.  There's no way to stop a feed to just one public NNTP
> server that accepts newsfeeds within the ether.

Heh heh heh, yes there is.  ;-)

Well, maybe.

Usenet feeds rely on the Path: header to prevent feed loops.  The Path:
header is a topological list of all of the news server host names that
an article has travelled through.

When a news server receives an article, the server consults its
configuration data to see if any downstream feeds have asked for any of
the newsgroups in the Newsgroups: header.  If so, the server then examines
the Path: header to see whether or not the article has already been to the
downstream site.  If the downstream hostname appears in Path:, the article
isn't propagated to that site in order to prevent circular loops.

There is a nefarious use of this anti-loop feature.  Let's say I want to
forge a Usenet article using somebody else's name.  I know what news server(s)
the person uses by looking at the Path: header of their articles.  I can
post this article to the entire world but hide it from the person I'm
impersonating simply by also forging my Path: header to already include
the person's closest news servers.

Before everybody goes off and starts forging, note that you generally need
to be a newsadmin in charge of a news server in order to forge a Path: header.
You generally cannot do this via a standard NNRP news reader connection.

So how can we use this to subvert Deja?  Simply add all of Deja's intake
machines to a forged Path: header.  Of course, the possibly tricky part would
be to determine the complete list of intake machines and keeping it up to date.

I for one am not in favor of doing this.  Deja has proven to be an incredibly
useful resource for me over the years, and I think that the more public
content Deja sucks up, the better.

The better solution would be for people concerned about Deja to obtain a
free e-mail account from any number of sources and post their sensistive
stuff from that obscured identity.  I personally pay closer attention to
non-anonymous postings, but if you prefer to be anonymous (and non-criminal),
go for it.
--
Mark Bixby                      E-mail: [log in to unmask]
Coast Community College Dist.   Web: http://www.cccd.edu/~markb/
District Information Services   1370 Adams Ave, Costa Mesa, CA, USA 92626-5429
Technical Support               Voice: +1 714 438-4647
"So long and thanks for all the fish!"

ATOM RSS1 RSS2

RAVEN.UTC.EDU