LYNX abuse by hackers?
Chuck Bearden
cbearden at sparc.hpl.lib.tx.us
Fri Mar 21 10:50:18 EST 1997
On Fri, 21 Mar 1997 Bill Walker <WALKEB05 at stockton.lib.ca.us> wrote:
> Hi. I would like to call on the expertise and experience of this
>group's members. Here is the scenario:
>
> Our public library has LYNX access at all public terminals and, until
>recently, available to our dial-up users. Recently it has come to the
>attention of our Systems staff that it is possible for hackers to use our
>LYNX browser access to somehow crack distant systems and cause havoc. Has
>anyone heard of this? If so, is it very likely to happen?
What is the nature of the cracking that your users were supposedly doing
at remote sites? It is very important to know this. Ask any site
supposedly being abused by one of your users to send excerpts from the
logfiles showing the illicit activity so that you can know what is
going on.
Important first question: can they exit from Lynx to get to a shell
prompt on your system by typing either a ! or CTRL-Z?
There are scads of possible scenarios, from relatively harmless to
quite serious, and you need to get a more precise idea of what is
happening.
What version of Lynx are you using, and with what arguments is it
being launched? And from what platform (Solaris, Linux, HP-UX,
Vax, etc.)? Email me off-list if you wish.
Chuck
-------------------------------------------------------------
Chuck Bearden email: cbearden at hpl.lib.tx.us
Catalog Department voice: 713/247-3499
Houston Public Library fax: 713/247-3158
500 McKinney Ave.
Houston, TX 77002 -=> NOT SPEAKING FOR HPL <=-
-------------------------------------------------------------
-=>HPL's Homepage: http://sparc.hpl.lib.tx.us<=-
More information about the Web4lib
mailing list