Berkeley CSUA MOTD:Entry 27548
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/04/07 [General] UID:1000 Activity:popular
4/7     

2003/2/27-28 [Computer/SW/Security, Computer/SW/Unix] UID:27548 Activity:high
2/26    Wasn't csua passwd was compromised the other time?  Could the hacker
        had placed some program on csua that snoops our email?  I think my
        email account has been snooped on.  I send out a email to a friend
        giving him my server ip and port, but someone else visited my server
        since my friend was not able to access my server.  I got a foreign
        ip accessed my server.
        \_ obUsePGP!
        \_ obUsePGP! If you send messages in the clear anyone can read them.
          \_ PGP is useless until it is made more transparent. Even the people
             who invented it have agreed on this. The existing tools are simply
             too difficult to use and even people with clue end up sending
             clear text or gibberish by accident half the time.
             \_ The 'people'?  Perhaps you mean the person, namely Phil
                Zimmerman?  And what you've just suggested does not sound
                very much like the sort of thing Phil Zimmerman would say.
                Could you post a citation so we know you're not talking out of
                your ass here?  If you are just talking out of your ass, could
                you make a point of sticking your head up your ass before
                doing this in the future so we don't have to listen to your
                blather?  Thanks.
                \_ <Sigh> The most notable "blather" is Whitten & Tygar (1999).
                   cited in the GNU privacy handbook, chapter 5.
                   cited in the GNU privacy handbook, chapter 5. You are, of
                   course, correct that it does not very much sound like
                   something Phil Zimmerman would say.
        \_ What makes you think it's not a problem on your friend's end?
           \_ it may be possible too since the company uses MS Exchange and
              Outlook, but they are very good at patching up the security
              holes. =D  Have you ever had nimda.a/e on you machine? if you
              see httpodbc.dll in all your root drives, your machine is
              infected with nimda.e.  Most likely a hacker has already placed
              a backdoor in your computer...
        \_ More likely you were just port scanned.
          \_ but he wouldn't know the exact path of the file to call even he
          finds out that port is open.  I had NAT forward that port to my
          my server.  And the web app is under a specific context-root, also
          the file is has a unique url mapping.  I see the visitor access
          that exact path right after my email went out (well a few minutes
          later).
          \_ Foreign eh? Which country?
             \_ foreign=alien=non-local
        \_ You really should email root about this.
           \_ Ya, that way root will be more careful about reading ppl's email.
              Seriously though, what are the odds of someone having the
              patience to go through and read your email? Did you look in your
              apache logs to see what IP it was that looked up your site?
                \_ Don't knock the propensity of individuals to do what normal
                   people like you and I would consider a complete lack of a
                   life for intrusive purposes.  Security through obscurity
                   or even anonymity is not a good idea.  -John
              \_ last time I checked the IP belonged to http://prophetfinance.com, I
              took a look at it subnet ips, they tranlated to greet, pride,
              lust, stalin, roosevelt, churchill, etc <DEAD>.prophetfinance.com<DEAD>. It
              is probably managed by some Russian sys-admin since he seems to
              name the servers with Russian leaders.
              \_ Churchill and greet are my favorite Russian leaders!
                \_ Okay, machines with people names are name of Russsian
                leaders.  Damn, always some block head nit-picking posts while
                totally ignoring the main point
                \_ if you use a completely specious argument to back up your
                   contention that it's a Russian sysadmin and you get called
                   on it, I don't think it qualifies as nit-picking
        \_ What is your site anyway?
          \_ just some stuff to test my web configuration.
ERROR, url_link recursive (eces.Colorado.EDU/secure/mindterm2) 2025/04/07 [General] UID:1000 Activity:popular
4/7     

You may also be interested in these entries...
2013/10/24-11/21 [Computer/Companies/Apple] UID:54747 Activity:nil
9/19    "No, A Severed Finger Will Not Be Able to Access a Stolen iPhone 5S"
        http://mashable.com/2013/09/15/severed-finger-iphone-5s
        I'm sure the Apple QA department has tested extensively that a severed
        finger will not be able to access a stolen iPhone 5S.
        \_ It doesn't matter whether or not a severed finger can be used.  It
           matters whether or not a robber thinks that a severed finger can be
	...
2013/6/6-7/31 [Politics/Foreign/Asia/China, Computer/SW/Security] UID:54690 Activity:nil
6/6     Wow, NSA rocks. Who would have thought they had access to major
        data exchangers? I have much more respect for government workers,
        crypto experts, mathematicans now than ever.
        \_ flea to Hong Kong --> best dim-sum in the world
           \_ "flee"
        \_ The dumb ones work for DMV, the smart ones for the NSA. If you
	...
2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil
8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...
2012/8/29-11/7 [Computer/SW/Security] UID:54467 Activity:nil
8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...
2012/9/20-11/7 [Computer/SW/Unix, Finance/Investment] UID:54482 Activity:nil
9/20    How do I change my shell? chsh says "Cannot change ID to root."
        \_ /usr/bin/chsh does not have the SUID permission set. Without
           being set, it does not successfully change a user's shell.
           Typical newbie sys admin (on soda)
           \_ Actually, it does: -rwsr-xr-x 1 root root 37552 Feb 15  2011 /usr/bin/chsh
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/8/30-11/7 [Computer/SW/Apps, Computer/SW/Unix] UID:54470 Activity:nil
8/30    Is wall just dead? The wallall command dies for me, muttering
        something about /var/wall/ttys not existing.
        \_ its seen a great drop in usage, though it seems mostly functional.
            -ERic
        \_ Couldn't open wall log!: Bad file descriptor
           Could not open wall subscription directory /var/wall/ttys: No such file or directory
	...
2012/5/8-6/4 [Computer/SW/Unix] UID:54383 Activity:nil
5/8     Hello everyone!  This is Josh Hawn, CSUA Tech VP for Spring 2012.
        About 2 weeks ago, someone brought to my attention that our script
        to periodically merge /etc/motd.public into /etc/motd wasn't
        running.  When I looked into it, the cron daemon was running, but
        there hadn't been any root activity in the log since April 7th.  I
        looked into it for a while, but got lost in other things I was
	...
2012/2/9-3/26 [Computer/SW/Security, Computer/SW/Unix] UID:54305 Activity:nil
2/9     Reminder: support for mail services has been deprecated for *several
        years*. Mail forwarding, specifically .forward mail forwarding, is
        officially supported and was never deprecated.
        \_ There is no .forward under ~root.  How do we mail root and how do
           we get responses?
           \_ root@csua.berkeley.edu is and always has been an alias.
	...
Cache (3293 bytes)
prophetfinance.com -> www.prophet.net/home/intro.jsp
Use the Free Trial to get acquainted with our premium services! For example, premium members can get started by building and saving scans, creating Watch Lists, and saving study sets, chart styles, and custom desktop layouts. During the Free Trial, you'll have unlimited access to the premium service or membership of your choice. At the end of the free-trial period, your trial will automatically convert to a subscription and your credit card will be charged monthly or annually, depending on the type of membership you choose. Net, the complete technical analysis suite in your browser! Net exists for one reason: to help you make better trading decisions. My name is Tim Knight, and in 1992 - several years after falling in love with trading - I founded Prophet Financial Systems to deliver market data reliably and affordably to traders around the world. Before starting Prophet, I was Vice President of Technology Products in the development group of Montgomery Securities, where my team created PC-based trader's workstations long before individual investors were trading on the web. My "customers" were among the most challenging in the business, and I took their requirements as my own. Over the years, I have refined my own trading style to a point where consistent analysis produces consistent profits. And through the ups and downs of the market, technical criteria and charting have always served as the foundation for my trading. Net to deliver: * the analytical power of professional-level software programs * the immediacy of live, streaming data * the convenience of any browser, anywhere access After all, if I can access my brokerage account from anywhere, my analysis tools should be equally available from my home computer, my office, or even at the public library! And even though I've been using computers since 1980, I wanted something easy to learn and easy of use, in order to avoid wading through hefty manuals. Net is a unique investment in your trading that delivers in all these areas and more. Net the #1 Site for Technical Analysis, with "the Best Charts on the Web." Prophet has also received Reader's Choice Awards from Technical Analysis of Stocks & Commodities Magazine, as well as accolades from other top publications, such as Business Week. This comprehensive technical analysis suite offers real-time tools for exploring new trading opportunities, analyzing them with technical charts, and managing your trading with the market's every move. Net continually shapes itself to the way you think about trading. As you trade, it becomes your customized technical analysis system. Net give you the analytical edge to improve the way you trade. Net, you'll enjoy the convenience of managing your trading ideas via personalized watch lists wherever you go on the site, while profiting from advanced capabilities not available anywhere else, including: More Technical Studies Over 130 studies and indicators Find support and resistance levels with trendlines and channels Fibonacci tools (Gold) More Live Information Streaming charts, quotes, and portfolios Real-time alerts Live market scans More Market Data Stocks from 1968, futures from 1959 Indexes, options, and mutual funds Up to 60 days of intraday history (minute bars to 2 hours) Ready to Get Started?