Log in

No account? Create an account
From forging. - Chaz Meyers — LiveJournal [entries|archive|friends|userinfo]
Chaz Meyers

[ website | chazmeyers.com ]
[ profile | view profile ]
[ archive | view archive ]

[Links:| chazmeyers.com Twitter ]

From forging. [Jan. 30th, 2004|05:11 pm]
Chaz Meyers
Quote via evan_tech, via simon_cozens, of chromatic:

With that digression out of the way, I'd like to propose a simple certification examination for people who'd like to write new mail filtering and response systems. It's very simple, just one question. If you answer the question correctly, you're free to write your software. If you answer the question incorrectly, you cannot ever write mail filtering software. I'm sorry, but that's just the way it is.

The question is, can a From address be forged?.

Temple's filters seem to be pretty good at filtering out the latest virus. (Not that it matters that much. It's hard to pwn a non-prived shell account on a commercial UNIX system..) However, it sucks at filtering out all of the *@thechaz.net addresses warning that non-existant users are sending viruses. *sigh*

Oh, aside time. If you ever get a "Bus error", that, apparantly, is a kernel space error. So, it's probably something insanely dumb that you did, such as including an invalid control string in a *printf format string.

Oh, and I doubt that anyone reading this will know this, but does anyone have a clue as to how to get vim syntax highlighting to work over SSH on TruUNIX systems? To get this to work when SSHing to a RedHat system, I had to set TERM to color_xterm and switch from tcsh to bash. The TruUNIX system only runs tcsh and sh, and it does not like it when TERM is color_xterm. Putty is my ssh client of choice.

Er, yeah. Everyone probably stopped reading by now. Um... Look! Pretty South Park icon. DISCUSS. ;)

[User Picture]From: cpm
2004-02-03 07:38 pm (UTC)

Re: Timely Huh.

I'm not sure what a 20 minute discussion of "Oh, by the way, you can change the From: line to something entirely random" was doing in a 300-level networking class. SMTP has no authentication and it's so old that people aren't going to use a new shiny SMTP that has authentication.

Or, how to add two bytes together. God. That was covered in 66 and 72, right? I knew that after sucking at BOTH of those classes.

I am getting more and more frustrated with that kid in the middle of the class who keeps on asking questions which are only slightly related to the (already ridiculous) topic at hand.

Maybe I'm just frustrated that I've been fighting with Solaris to just compile my 307 program for way too many hours today. I finally gave up and scp-ed to lucas. Mmmmmmmm... 8:40 lab tomorrow morning anyone?
(Reply) (Parent) (Thread) (Expand)