According to what was posted here, you may wish to start scrubbing.
http://docs.freebsd.org/cgi/getmsg.cgi?fetch=394609+0+current/freebsd-security
A chain is only as strong as its weakest link:
Connected to openbsd.sunsite.ualberta.ca.
220-
220- Welcome to SunSITE Alberta
220-
220- at the University of Alberta, in Edmonton, Alberta, Canada
220-
220- All connections to and transfers from this server are logged. If
220- you do not like this policy, please disconnect now.
220-
220- You may want to grab the index file called "ls-lR.gz" in /pub. It
is
220- updated nightly with the contents of the ftp tree.
220-
220- If you have any questions, hints, or requests, please email
220-
220- sunsite@sunsite.ualberta.ca
220-
220 merlin FTP server (SunOS 4.1) ready.
A Sun server as a host for a OpenBSD source is like writing combinations
to a bank vault on the back of your hand.
jnull
PGP: 0x54B1A25C
"!!!!!" It's the little things ....
Might as well have a windows 2000 server doing it!!!!!!!!!
Gerardo A. Gregory
Manager Network Administration and Security
402-970-1463 (Direct)
402-850-4008 (Cell)
Affinitas - Latin for "Relationship"
Helping Businesses Acquire, Retain, and Cultivate Customers
Visit us at http://www.affinitas.net
http://openbsd.org/faq/faq8.html#wwwsolaris
8.18 - Why does www.openbsd.org run on Solaris?
Although none of the developers think it is particularly relevant, this question comes up frequently enough in the mailing lists that it is answered here. www.openbsd.org and the main OpenBSD ftp site are hosted at a SunSITE at the University of Alberta, Canada. These sites are hosted on a large Sun system, which has access to lots of storage space and Internet bandwidth. The presence of the SunSITE gives the OpenBSD group access to this bandwidth. This is why the main site runs here. Many of the OpenBSD mirror sites run OpenBSD, but since they do not have guaranteed access to this large amount of bandwidth, the group has chosen to run the main site at the University of Alberta SunSITE.
A Sun server as a host for a OpenBSD source is like writing combinations
to a bank vault on the back of your hand.
Just because you don't know how to secure a Solaris box, doesn't mean others
don't.
jnull wrote:
>
A Sun server as a host for a OpenBSD source is like writing combinations
to a bank vault on the back of your hand.
s/Sun server/university/
They get bonus points for this too:
> 220 merlin FTP server (SunOS 4.1) ready.
^^^
KL
I had no intention of starting an OS flame session.
I just thought "how ironic" since openbsd touts such emphasis on
security, and their main distribution site uses another system. I use
OpenBSD, Solaris, XP... A tool for every occaision.
There isn't a system that can't be cracked with patience, good
fingerprint analysis, some coding, and maybe a little social
engineering.
j
Is it possible someone changed the default banner on their ftp server?
You can't argue with the need for storage and bandwidth. Well, I guess you
could, but I wouldn't listen.
From the FAQ...
8.18 - Why does www.openbsd.org run on Solaris?
Although none of the developers think it is particularly relevant, this
question comes up frequently enough in the mailing lists that it is answered
here. www.openbsd.org and the main OpenBSD ftp site are hosted at a SunSITE
at the University of Alberta, Canada. These sites are hosted on a large Sun
system, which has access to lots of storage space and Internet bandwidth.
The presence of the SunSITE gives the OpenBSD group access to this
bandwidth. This is why the main site runs here. Many of the OpenBSD mirror
sites run OpenBSD, but since they do not have guaranteed access to this
large amount of bandwidth, the group has chosen to run the main site at the
University of Alberta SunSITE.
Just because something says something doesn't mean that it actually is the something that it is claimed to be.