On 2016-06-20 18:19, Brian Schenkenberger, VAXman-
wrote:
___ _ _ _ __ __ _ _ _
_ ___ _____
/ __| /_\ | \| | \ \ / / /_\ | | | \| | | __| |_ _|
\__ \ / _ \ | .` | \ V / / _ \ | |__ | .` | | _| | |
|___/ /_/_\_\_|_|\_| |_| /_/ \_\ |____| |_|\_| |___|_ |_|
You've allowed this node on HECnet, so I assume somebody on this list knows
who runs it.
Who runs it can always easily be found by
http://mim.update.uu.se/nodedb
Please have it secured! It has been used in the
past several
days to try and break into my system(s). It is highly irresponsible to put
access credentials into its SYS$ANNOUNCE allowing ANYBODY access to DCL and
other utilities that can affect systems on the internet. A reasonable way
to allow access would be to have a guest account (restricted/captive) that
can be used to create other login accounts. Validate such accounts with a
valid email address and other schemes that will insure that whomever is on
this system can be vetted in some fashion.
THANK YOU!
I'm curious about what kind of intrusions we're talking about, and over
which network.
In general, I want to keep HECnet more open than what you are suggesting
above, but this also requires that people act responsibly. If there is
abuse, I'd like to know.
Well, since I have not yet put any of my systems on HECnet, it should have
been obvious that it's via the internet.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
I speak to machines with the voice of humanity.