- Test - lists.nanog.org

Re: IISP Congress (fwd)
by salo＠msc.edu 22 Feb '95

22 Feb '95

> From: Elise Gerich <epg(a)merit.edu> > Subject: IISP Congress (fwd) > To: nanog(a)merit.edu > Date: Wed, 22 Feb 1995 18:00:21 -0500 (EST) > > At the NANOG meeting in Boulder, we decided to discuss the date and location > of the next meeting on line. > > Enclosed is the announcment of the IISP which has offered to host the next > NANOG meeting in San Diego on April 10, 1995. Please send email to the list > indicating whether this would be a good date for the next meeting, and if > you would consider attending then. > > If this is not a good time/place, please make recommendations to the list > or to me privately as to an alternate date/place. > [...] This is the week after IETF, as has been pointed out, and two weeks after Interop. -tjs

1 0

Re: IISP Congress (fwd)
by Sean Doran 22 Feb '95

22 Feb '95

| The $600 registration fee for this event also begs the question of what, if | any, value the ISOC brings to NANOG. I shall be extremely frank and state that in my humble personal opinion, the answer to Vince's question is: "Absolutely Nothing". Moreover, if you swap out NANOG and swap in IEPG, the answer is still "Absolutely Nothing", in spades. Sean. P.S.: I think ISOC's role in these operations forums should be limited to nil, or at most allowing them to offset the cost of coffee and donuts that the hosts of the NANOG or IEPG conferences usually provide, provided, of course, that ISOC well understands that neither body is beholden to it, or operates "under its auspices" or whatever.

1 0

Re: IISP Congress (fwd)
by Vince Fuller 22 Feb '95

22 Feb '95

As has been mentioned before, the timing of this meeting is particularly bad for those who have to travel long distances to both coasts, since IETF is the week immediately prior to this one. Personally, this isn't a problem, since San Diego is a very short trip from the Bay Area, but I suspect that others may have more difficulty. The $600 registration fee for this event also begs the question of what, if any, value the ISOC brings to NANOG. --Vince

1 0

QUESTIONS ????
by tronics 22 Feb '95

22 Feb '95

Would someone be kind enough to post the FAQ's . THANK YOU !!!! *********************************************************************** CABLE TV DESCRAMBLING !!! Insider's information for all types of systems. Everything the cable companies don't want you to know ! Want more information ? Finger or E-mail: tronics(a)aloha.com ***********************************************************************

1 0

CERT Advisory CA-95:05.sendmail.vulnerabilities
by cert-advisory＠cert.org 22 Feb '95

22 Feb '95

============================================================================= CA-95:05 CERT Advisory February 22, 1995 Sendmail Vulnerabilities ----------------------------------------------------------------------------- This advisory supersedes all previous CERT advisories on sendmail. The CERT Coordination Center has received reports of several problems with sendmail, one of which is widely known. The problems occur in many versions of sendmail (see below for details). The CERT staff recommends installing the appropriate patches immediately. If you cannot do so, consider using one of the alternatives described in Section III. As we receive additional information relating to this advisory, we will place it, along with any clarifications, in a CA-95:05.README file. CERT advisories and their associated README files are available by anonymous FTP from info.cert.org. We encourage you to check the README files regularly for updates on advisories that relate to your site. ----------------------------------------------------------------------------- I. Description There is a problem in versions of sendmail that support IDENT (RFC 1413) functionality. This problem could allow an intruder to gain unauthorized access to your system remotely (that is, without having access to an account on the system). Systems known at this time to be affected are named in the Solutions section below; see the column labeled "Remote vul?/patch status." In addition, other problems have been identified in sendmail that allow intruders to gain unauthorized privileges. Intruders need to have access to an account on your system to exploit these problems. The problems occur in many versions of sendmail. The final column of the table in the Solutions section indicates systems known at this time to be affected. II. Impact By exploiting the vulnerabilities, intruders may be able to read any file on the system, overwrite or destroy files, or run programs on the system. The problem in IDENT's subroutines enables intruders to exploit the vulnerability remotely. To exploit the other vulnerabilities, intruders need to have access to an account on the system. III. Solution A. Obtain the appropriate patch from your vendor and install it according to the instructions included with the patch. Below is a summary of information we have received from vendors. More details, including how to obtain patches, are in the Appendix A of this advisory. This information is reproduced in the CA-95:05.README file, which we will update periodically. If your vendor's name is not on this list, please contact your vendor directly. Vendor or Source Remote vul?/patch status Local vul?/patch status (IDENT) --------------- ------------------------ ------------------------ Eric Allman version 8.6.10 no/ -- no/ -- all other versions yes/upgrade avail. yes/upgrade avail. Apple Computer, Inc. v.3.1.1, 3.1 no/ -- yes/patch avail. earlier versions yes/see appendix yes/see appendix Berkeley Software Design, Inc. (BSDI) version 2.0 no/ -- yes/patch avail. soon other versions yes/patch avail. soon yes/patch avail. soon Cray Computer Corporation (Craycos) no/ -- yes/patch avail. Data General Corporation no/ -- no/ -- Digital Equipment Corp. no/ -- yes/patch avail. soon Harris Comp.Systems Corp. yes/patch avail. yes/patch avail. Hewlett-Packard Company no/ -- yes/patch avail.by Feb 23 IBM Corporation no/ -- yes/patch avail. Motorola yes/patch avail. yes/patch avail. Open Software Foundation no/ -- yes/see appendix The Santa Cruz Operation no/ -- yes/patch avail. soon Sequent Computer Systems no/ -- yes/patch avail. Silicon Graphics (SGI) no/ -- yes/patch avail. Solbourne (Grumman) no/ -- yes/patch avail. soon Sony Corporation yes/patch avail. yes/patch avail. Sun Microsystems, Inc. no/ -- yes/patch avail. B. Install sendmail 8.6.10, which is freely available (see Appendix A for locations). This version fixes all the problems described in this advisory. Be aware that, depending upon the currently installed sendmail program, switching to a different sendmail may require significant effort (such as rewriting the sendmail.cf file.) C. Until you are able to install the appropriate patch or sendmail 8.6.10, we recommend the following workarounds. 1. To protect against remote attacks only: If you are running sendmail versions 8.6.6 through 8.6.9, you can turn off the IDENT protocol by adding the following line to the configuration file and then restarting sendmail: Orident=0 If you have difficulty doing so, consult your documentation or vendor for guidance. If you are running 8.6.5 or earlier you cannot disable IDENT in this way. Instead, you should upgrade to version 8.6.10. 2. To provide limited protection against local attacks: Install the "sendmail wrapper" that is provided in Appendix B of this advisory. The wrapper is also available by anonymous FTP from info.cert.org:/pub/tools/sendmail/sendmail_wrapper/sendmail_wrapper.c MD5 = 5c930d9d139dfaa1dfc9de6c40ddf8c6 ftp.auscert.org.au:/pub/auscert/tools/sendmail_wrapper.c MD5 = 5c930d9d139dfaa1dfc9de6c40ddf8c6 ftp.cert.dfn.de:/pub/tools/net/sendmail-wrapper/sendmail-wrapper.c MD5 = 5c930d9d139dfaa1dfc9de6c40ddf8c6 --------------------------------------------------------------------------- The CERT Coordination Center thanks Eric Allman, Wolfgang Ley, Danny Smith, and Eric Halil for their support in responding to this problem. --------------------------------------------------------------------------- If you believe that your system has been compromised, contact the CERT Coordination Center or your representative in the Forum of Incident Response and Security Teams (FIRST). If you wish to send sensitive incident or vulnerability information to CERT staff by electronic mail, we strongly advise that the e-mail be encrypted. The CERT Coordination Center can support a shared DES key, PGP (public key available via anonymous FTP on info.cert.org) or PEM (contact CERT staff for details). Internet E-mail: cert(a)cert.org Telephone: +1 412-268-7090 (24-hour hotline) CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4), and are on call for emergencies during other hours. Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 USA CERT advisories and bulletins are posted on the USENET newsgroup comp.security.announce. If you would like to have future advisories and bulletins mailed to you or to a mail exploder at your site, please send mail to cert-advisory-request(a)cert.org. Past advisories, CERT bulletins, information about FIRST representatives, and other information related to computer security are available for anonymous FTP from info.cert.org. CERT is a service mark of Carnegie Mellon University. ............................................................................. Appendix A: Vendor Information Current as of February 22, 1995 See CA-95.05.README for updated information; this file supersedes all other sendmail README files. Below is information we have received from vendors who have patches available or upcoming for the vulnerabilities described in this advisory. -------------------- Eric Allman Sendmail version 8.6.10 is not vulnerable. This version is available by anonymous FTP from ftp.cs.berkeley.edu:/ucb/sendmail ftp.uu.net:/networking/mail/sendmail/UCB info.cert.org:/pub/tools/sendmail/sendmail.8.6.10 ftp.cert.dfn.de:/pub/tools/net/sendmail ftp.auscert.org.au:/pub/coast/mirrors/ftp.cs.berkeley.edu/ucb/sendmail In all of the above locations, the MD5 checksums are the same, MD5 (sendmail.8.6.10.base.tar.Z) = 4ab8ac267b1eaf8d1725c14cf4b2e885 MD5 (sendmail.8.6.10.cf.tar.Z) = c70c576697bbbf047ed379a7b98633f6 MD5 (sendmail.8.6.10.misc.tar.Z) = 6212390ca0bb4b353e29521f1aab492f MD5 (sendmail.8.6.10.patch) = 08d6f977c171ea858f1e940163212c3a MD5 (sendmail.8.6.10.xdoc.tar.Z) = 8b2252943f365f303b6302b71ef9a841 -------------------- Apple Computer, Inc. An upgrade to A/UX version 3.1 (and 3.1.1) for these vulnerabilities is available. The upgrade is a replacement of the sendmail binary. It is available via anonymous FTP from ftp.support.apple.com: pub/apple_sw_updates/US/Unix/A_UX/supported/3.x/sendmail/ It is also available via anonymous FTP from abs.apple.com: pub/abs/aws95/patches/sendmail/ In both cases the compressed binary has the following signature: MD5 (sendmail.Z) = 31bb15604517630f46d7444a6cfab3f1 Uncompress(1) this file and replace the existing version in /usr/lib; be sure to preserve the hard links to /usr/ucb/newaliases and /usr/ucb/mailq, kill the running sendmail and restart. Earlier versions of A/UX are not supported by this patch. Users of previous versions are encouraged to update their system or compile the latest version of sendmail available from ftp.cs.berkeley.edu. Customers should contact their reseller for any additional information. -------------------- Berkeley Software Design. Inc. (BSDI) BSD/OS V2.0 is vulnerable to the local user problems, but not the remote user (IDENT) problem. All earlier releases of BSD/OS are vulnerable to both problems. Patches are being developed and will be made available via anonymous FTP on ftp.bsdi.com in the directory "bsdi/support". BSDI Contact Information: BSDI Customer Support Berkeley Software Design, Inc. 7759 Delmonico Drive Colorado Springs, CO 80919 Toll Free: +1 800 ITS BSD8 (+1 800 486 2738) Phone: +1 719 260 8114 Fax: +1 719 598 4238 Email: support(a)bsdi.com -------------------- Cray Computer Corporation (Craycos) A new version of sendmail, one that does not have the problem, is available from CCC. Please contact your site analyst for more information. You may also contact CCC Field Support using the address below. e-mail: support(a)craycos.com -------------------- Digital Equipment Corporation Digital will announce the availability of a kit as soon as it becomes available. -------------------- Harris Computer Systems Corporation Request the appropriate patch for Harris NightHawk Systems, as follows: System Patch cx/ux 7.1 cx7.1-030 cx/ux 6.2 cx6.2-114 cx/sx 6.2 cx6.2-114 If you need further information, contact the Harris Support Hotline 1-800-245-6453. -------------------- Hewlett-Packard Company Hewlett-Packard HP-UX Patches available by 2/23/95 Vulnerable to: -d DEBUG option Latest queue problem Not Vulnerable to: IDENT problem Apply patch PHNE_5264 (series 700/800, HP-UX 9.x), or PHNE_5263 (series 700/800, HP-UX 8.x), or PHNE_5260 (series 300/400, HP-UX 9.0), or PHNE_5259 (series 300/400, HP-UX 8.x) You can get patches via: 1. Ftp / email / kermit to HP SupportLine To obtain a copy of the HP SupportLine email service user's guide, send the following in the TEXT PORTION OF THE MESSAGE to support(a)support.mayfield.hp.com (no Subject is required): send guide 2. World Wide Web: http://support.mayfield.hp.com If you need further information, contact HP SupportLine: 1-415-691-3888 phone: 1-415-691-3680 telnet/ftp: support.mayfield.hp.com (192.6.148.19) -------------------- IBM Corporation A possible security exposure exists in the bos.obj sendmail subsystem in all AIX releases. The user can cause arbitrary data to be written into the sendmail queue file. Non-privileged users can affect the delivery of mail, as well as run programs as other users. Workaround A. Apply the patch for this problem. The patch is available from software.watson.ibm.com. The files will be located in the /pub/aix/sendmail in compressed tar format. The MD5 checksum for the binary file is listed below, ordinary "sum" checksums follow as well. File sum MD5 Checksum ---- --- ------------ sendmail.tar.Z 35990 e172fac410a1b31f3a8c0188f5fd3edb B. The official fix for this problem can be ordered as Authorized Program Analysis Report (APAR) IX49257 To order an APAR from IBM in the U.S. call 1-800-237-5511 and ask for shipment as soon as it is available (in approximately two weeks). APARs may be obtained outside the U.S. by contacting a local IBM representative. -------------------- Motorola Computer Group (MCG) The following MCG platforms are vulnerable: R40 R32 running CNEP add-on product R3 running CNEP add-on product The following MCG platforms are not vulnerable: R32 not including CNEP add-on product R3 not including CNEP add-on product R2 VMEEXEC VERSADOS The patch is available and is identified as "patch_43004 p001" or "SCML#5552". It is applicable to OS revisions from R40V3 to R40V4.3. For availability of patches for other versions of the product contact your regional MCG office at the numbers listed below. Obtain and install the appropriate patch according to the instructions included with the patch. The patch can be obtained through anonymous ftp from ftp.mcd.mot.com [144.191.210.3] in the pub/patches/r4 directory. The patch can also be obtained via sales and support channels. Questions regarding the patch should be forwarded to sales or support channels. For verification of the patch file: Results of sum -r == 27479 661 sum == 32917 661 md5 == 8210c9ef9441da4c9a81c527b44defa6 Contact numbers for Sales and Support for MCG: United States (Tempe, Arizona) Tel: +1-800-624-0077 Fax: +1-602-438-3865 Europe (Brussels, Belgium) Tel: +32-2-718-5411 Fax: +32-2-718-5566 Asia Pacific / Japan (Hong Kong) Tel: +852-966-3210 Fax: +852-966-3202 Latin America / Australia / New Zealand (U.S.) Tel: +1 602-438-5633 Fax: +1 602-438-3592 -------------------- Open Software Foundation The local vulnerability described in the advisory can be exploited in OSF's OSF/1 R1.3 (this is different from DEC's OSF/1). Customers should apply the relevant portions of cert's fix to their source base. For more information please contact OSF's support organization at osf1-defect(a)osf.org. -------------------- The Santa Cruz Operation SCO systems are not vulnerable to the IDENT problem. Systems running the MMDF mail system are not vulnerable to the remote or local problems. The following releases of SCO products are vulnerable to the local problems. ============================================================================ SCO TCP/IP 1.1.x for SCO Unix System V/386 Operating System Release 3.2 Versions 1.0 and 2.0 SCO TCP/IP 1.2.x for SCO Unix System V/386 Operating System Release 3.2 Versions 4.x SCO TCP/IP 1.2.0 for SCO Xenix System V/386 Operating System Release 2.3.4 SCO Open Desktop Lite Release 3.0 SCO Open Desktop Release 1.x, 2.0, and 3.0 SCO Open Server Network System, Release 3.0 SCO Open Server Enterprise System, Release 3.0 Patches are currently being developed for the release 3.0 and 1.2.1 based products. The latest sendmail available from SCO, on Support Level Supplement (SLS) net382d, is also vulnerable. Contacts for further information: e-mail: support(a)sco.COM USA, Canada, Pacific Rim, Asia, Latin America 6am-5pm Pacific Daylight Time (PDT) ---------------------------------------------- 1-408-425-4726 (voice) 1-408-427-5443 (fax) Europe, Middle East, Africa: 9am-5:30pm British Standard Time (BST) ------------------------------------------------------------------- +44 (0)923 816344 (voice) +44 (0)923 817781 (fax) -------------------- Sequent Computer Systems Sequent customers should contact Sequent Customer Service and request the Fastpatch for sendmail. phone: 1-800-854-9969. e-mail: service-question(a)sequent.com -------------------- Silicon Graphics, Inc. At the time of writing of this document, patches/binaries are planned for IRIX versions 4.x, 5.2, 5.3, 6.0, and 6.0.1 and will be available to all SGI customers. The patches/binaries may be obtained via anonymous ftp (ftp.sgi.com) or from your support/service provider. On the anonymous ftp server, the binaries/patches can be found in either ~ftp/patches or ~ftp/security directories along with more current pertinent information. For any issues regarding this patch, please, contact your support/service provider or send email to cse-security-alert(a)csd.sgi.com . -------------------- Sony Corporation NEWS-OS 6.0.3 vulnerable; Patch SONYP6022 [sendmail] is available. NEWS-OS 6.1 vulnerable; Patch SONYP6101 [sendmail] is available. NEWS-OS 4.2.1 vulnerable; Patch 0101 [sendmail-3] is available. Note that this patch is not included in 4.2.1a+. Patches are available via anonymous FTP in the /pub/patch/news-os/un-official directory on ftp1.sony.co.jp [202.24.32.18]: 4.2.1a+/0101.doc describes about patch 0101 [sendmail-3] 4.2.1a+/0101_C.pch patch for NEWS-OS 4.2.1C/a+C 4.2.1a+/0101_R.pch patch for NEWS-OS 4.2.1R/RN/RD/aRD/aRS/a+R 6.0.3/SONYP6022.doc describes about patch SONYP6022 [sendmail] 6.0.3/SONYP6022.pch patch for NEWS-OS 6.0.3 6.1/SONYP6101.doc describes about patch SONYP6101 [sendmail] 6.1/SONYP6101.pch patch for NEWS-OS 6.1 Filename BSD SVR4 Checksum Checksum -------------- --------- --------- 4.2.1a+/0101.doc 55361 2 19699 4 4.2.1a+/0101_C.pch 60185 307 25993 614 4.2.1a+/0101_R.pch 35612 502 31139 1004 6.0.3/SONYP6022.doc 03698 2 36652 4 6.0.3/SONYP6022.pch 41319 436 20298 871 6.1/SONYP6101.doc 40725 2 3257 3 6.1/SONYP6101.pch 37762 434 4624 868 MD5 checksums are: MD5 (4.2.1a+/0101.doc) = c696c28abb65fffa5f2cb447d4253902 MD5 (4.2.1a+/0101_C.pch) = 20c2d4939cd6ad6db0901d6e6d5ee832 MD5 (4.2.1a+/0101_R.pch) = 840c20f909cf7a9ac188b9696d690b92 MD5 (6.0.3/SONYP6022.doc) = b5b61aa85684c19e3104dd3c4f88c5c5 MD5 (6.0.3/SONYP6022.pch) = 1e4d577f380ef509fd5241d97a6bcbea MD5 (6.1/SONYP6101.doc) = 62601c61aef99535acb325cf443b1b25 MD5 (6.1/SONYP6101.pch) = 87c0d58f82b6c6f7811750251bace98c If you need further information, contact your vendor. -------------------- Solbourne Grumman System Support Corporation now performs all Solbourne software and hardware support. Please contact them for further information. e-mail: support(a)nts.gssc.com phone: 1-800-447-2861 -------------------- Sun Microsystems, Inc. Sun has developed patches for all supported platforms and architectures, including Trusted Solaris, Solaris x86, and Interactive Unix. Note that Sun no longer supports the sun3 architecture and versions of the operating system that precede 4.1.3. Current patches are listed below. OS version Patch ID Patch File Name ---------- --------- --------------- 4.1.3 100377-19 100377-19.tar.Z 4.1.3_U1 101665-04 101665-04.tar.Z 5.3 101739-07 101739-07.tar.Z 5.4 102066-04 102066-04.tar.Z 5.4_x86 102064-04 102064-04.tar.Z The patches can be obtained from local Sun Answer Centers and through anonymous FTP from ftp.uu.net in the /systems/sun/sun-dist directory. In Europe, the patches are available from mcsun.eu.net in the /sun/fixes directory. The patches are also available through the usual URL on World Wide Web. Sun is issuing Security Bulletin #129 with details on February 22; the patches will become available worldwide during the 24 hours to follow. .............................................................................. Apppendix B: Sendmail Wrapper This wrapper can be used to improve security until you can install a vendor patch or sendmail version 8.6.10. Note that it does not address all known sendmail vulnerabilities. /* ** sendmail_wrapper.c - wrap sendmail to prevent newlines in command line ** and clean up the environment. ** ** Authors: Eric Halil, Danny Smith ** AUSCERT ** c/o Prentice Centre ** The University of Queensland ** Qld. 4072. ** Australia ** 22-Feb-1995 ** ** Disclaimer: The use of this program is at your own risk. It is ** designed to combat a particular vulnerability, and may ** not combat other vulnerabilities, either past or future. ** The decision to use this program is yours, as are the ** consequences of its use. ** ** This program is designed to be an interim relief measure ** until appropriate patches can be obtained from your vendor. ** ** Installation instructions ** ========================= ** ** 1. su to root. ** ** 2. Determine the location of sendmail. On SunOS and Ultrix ** systems, it is located in the /usr/lib directory. On BSDI ** systems, it is located in the /usr/sbin directory. For example ** purposes only, /usr/lib will be used in the following instructions ** steps. ** ** 3. Copy the sendmail program to sendmail.real. Change the permissions ** on the copy of sendmail. ** ** # cd /usr/lib ** # cp sendmail sendmail.real ** # chmod 0700 sendmail.real ** ** 4. Determine the permissions, owner, and group of sendmail. This ** information will be used later. ** ** For BSD users: ** # ls -lg sendmail ** For System V users: ** # ls -l sendmail ** ** 5. Edit this wrapper program and define REAL_SENDMAIL. By default, ** REAL_SENDMAIL is defined as "/usr/lib/sendmail.real". ** ** 6. Compile this program in a directory other than /usr/lib. For ** example to use /tmp, first copy this file into /tmp. ** ** # cd /tmp ** # cc -O -o sendmail sendmail_wrapper.c ** ** 7. Copy this new wrapper program into the directory containing sendmail. ** Make sure this directory and its parent directories are protected so ** only root is able to make changes to files in the directory. This ** will replace the existing sendmail. The following steps should be ** executed quickly. ** ** Users will not be able to send e-mail during the time when the ** wrapper is copied into place until the chmod command has been ** executed. Use the information from step #4 and set the permissions ** owner, and group of the new sendmail. ** ** # cp sendmail /usr/lib/sendmail ** # cd /usr/lib ** # chown root sendmail ** # chmod 4511 sendmail ** ** 8. Kill the running sendmail process and start the new sendmail. ** ** For SunOS and Ultrix: ** # kill -9 `head -1 /etc/sendmail.pid` ** # /usr/lib/sendmail -bd -q1h ** ** For BSDI: ** # kill -9 `head -1 /var/run/sendmail.pid` ** # /usr/sbin/sendmail -bd -q1h ** ** For other systems, follow your vendors guidelines or use the ** following command. Kill the processes and start the new sendmail. ** # ps -auxw | grep sendmail | grep -v grep ** # kill -9 (process id numbers) ** # ./sendmail -bd -q1h ** ** 9. Test that mail still works. ** Version 1.1 22-Feb-1995. */ #include <stdio.h> /* ** REAL_SENDMAIL needs to be defined using the full pathname ** of the real sendmail. A few known locations have been defined. */ #ifdef sun #define REAL_SENDMAIL "/usr/lib/sendmail.real" #endif #ifdef ultrix #define REAL_SENDMAIL "/usr/lib/sendmail.real" #endif #if defined (__bsdi__) || defined(__386BSD__) || defined(__FreeBSD__) || defined(__NetBSD__) #define REAL_SENDMAIL "/usr/sbin/sendmail.real" #endif int main( argc, argv, envp) int argc; char *argv[]; char *envp[]; { char *cp; int i; int j; int status; /* ** Ensure that there are no newlines in the arguments */ for ( i = 1; i < argc; i++) { for ( cp = argv[ i]; *cp != '\0'; cp++) { if ( ( *cp == '\r') || ( *cp == '\n')) { *cp = ' '; } } } /* ** While we are at it, let's clean up the environment ** Remove LD_*, IFS, and PATH enviroment variables before execing */ i = 0; while( envp[ i] != NULL) { if ( strncmp( envp[ i], "LD_", 3) == 0) { j = i; while ( envp[ j] != NULL) { envp[ j] = envp[ j + 1]; j++; } continue; } if ( strncmp( envp[ i], "IFS=", 4) == 0) { j = i; while ( envp[ j] != NULL) { envp[ j] = envp[ j + 1]; j++; } continue; } if ( strncmp( envp[ i], "PATH=", 5) == 0) { j = i; while ( envp[ j] != NULL) { envp[ j] = envp[ j + 1]; j++; } continue; } /* ** Now check for newlines in environment variables */ for ( cp = envp[ i]; *cp != '\0'; cp++) { if ( ( *cp == '\r') || ( *cp == '\n')) { *cp = ' '; } } /* ** next environment variable */ i++; } /* ** exec the real sendmail now */ status = execve( REAL_SENDMAIL, argv, envp); perror( "execve sendmail"); return( status); }

1 0

Attendee List
by Pam Ciesla 21 Feb '95

21 Feb '95

>From the February 9 & 10, 1995 meeting is available by ftp://home.merit.edu/pub/nanog/Feb295NANOG. This list was taken from the sign-in sheets at the meeting. Pam Ciesla

1 0

Additions to the NSFNET policy-based routing database
by smm＠twain.merit.edu 20 Feb '95

20 Feb '95

------------------------------------------------------------------------------ The PRDB and this "NWG report" will be retired very soon. Details below. ------------------------------------------------------------------------------ The following changes have been made to the NSFNET policy-based routing database and will be installed on the backbone by 08:00 EST : Total = As + Bs + Cs + Aggs Registered Networks 47796 = 30 5288 39625 2853 Configured Networks 44846 = 30 5231 36796 2789 Added Networks 225 = 0 6 184 35 Deleted Networks 20 = 0 0 20 0 IP address Net name Country Priority:AS ---------- -------- ------- ----------- 147.73/16 PSC-TRASNIT-SUBNET C:US 1:1206 2:204 152.123/16 DOTNETA3 C:US 1:1327 152.158/16 ADVANTIS-BNET C:US 1:2685 2:701(136) 3:701(134) 4:279 5:86 155.239/16 TELKOM C:ZA 1:701(136) 2:701(134) 3:3561(11) 4:3561(218) 5:1240 165.165/16 TIENET C:ZA 1:1957 168.122/16 BU-RESNET C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 192.47.212/24 RICS-NET C:JP 1:2149 2:174 192.71.107/24 SE-SYSTECH C:SE 1:701(136) 2:701(134) 3:1800 192.91.185/24 NET-TURBOSOFT C:AU 1:297(144) 2:297(145) 192.98.61/24 TIETOTORI1 C:FI 1:701(136) 2:701(134) 192.131.246/24 BELCAN-CINTI C:US 1:1800 2:1240 3:1239 192.152.245/24 GTE-MARSC C:US 1:3561(218) 2:3561(11) 3:86 4:279 192.159.88/24 RTC-NET C:US 1:1240 2:1800 3:1239 192.207.120/24 NET-CRUNCHY C:AU 1:297(144) 2:297(145) 193.12/14 SE-SWIP-NET1 C:SE 1:1800 2:1879 3:1133 4:1240 193.43.1/24 CIXN C:IT 1:293(144) 2:293(145) 3:1133 4:1674 5:1800 193.48.0/24 FR-LPTF C:FR 1:1800 2:1240 3:1133 4:1674 193.54.67/24 FR-FNSP C:FR 1:1800 2:1240 3:1133 4:1674 193.54.68/24 FR-FNSP C:FR 1:1800 2:1240 3:1133 4:1674 193.54.69/24 FR-FNSP C:FR 1:1800 2:1240 3:1133 4:1674 193.81.196/24 APA-NET C:AT 1:701(136) 2:701(134) 3:1800 193.100.4/22 TEMICIN C:DE 1:1800 2:1240 3:1133 193.106.8/24 FR-JOUVE-M1 C:FR 1:1800 2:1240 3:1133 4:1674 193.106.88/24 FR-LIAC C:FR 1:1800 2:1240 3:1133 4:1674 193.119.194/24 EUNET-GBCUST3 C:GB 1:701(136) 2:701(134) 3:1800 193.205.152/24 INFM-NET-01 C:IT 1:293(144) 2:293(145) 3:1133 4:1674 5:1800 193.209.128/24 HONEYWELLNET C:FI 1:701(136) 2:701(134) 193.248.248/24 FR-FTOCISI C:FR 1:1800 2:1240 3:1133 4:1674 194.58.216/24 OLLY-NET C:RU 1:701(136) 2:701(134) 3:1800 194.59.181/24 SPACENET-ECRC-C-59-18 C:DE 1:1800 2:1240 3:1133 194.59.182/24 SPACENET-ECRC-C-59-18 C:DE 1:1800 2:1240 3:1133 194.59.183/24 SPACENET-ECRC-C-59-18 C:DE 1:1800 2:1240 3:1133 194.59.184/24 SPACENET-ECRC-C-59-18 C:DE 1:1800 2:1240 3:1133 194.59.185/24 IWT-NET-C-59-185 C:DE 1:1800 2:1240 3:1133 194.59.186/24 IWT-NET-C-59-186 C:DE 1:1800 2:1240 3:1133 194.89.168/22 LAPPIAOLNET C:FI 1:701(136) 2:701(134) 196.1.74/24 GUARDIAN-NET C:ZA 1:1800 2:1240 3:1239 196.10.130/23 GNAT C:ZA 1:1800 2:1240 3:1239 196.10.132/22 GNAT C:ZA 1:1800 2:1240 3:1239 196.10.136/24 GNAT C:ZA 1:1800 2:1240 3:1239 198.2.0/20 NET-MCGH C:US 1:2551(136) 2:1321 3:2149 4:174 198.54.207/24 TELKOMNET-C5 C:ZA 1:701(136) 2:701(134) 3:3561(11) 4:3561(218) 5:1240 198.69.130/24 PALTECH-DOM C:US 1:3830 2:1800 3:1240 198.70.128/20 USAGROUP-NET C:US 1:1239 2:1800 3:1240 198.83.8/24 INFOVIS-NET1 C:US 1:1333 198.101.34/24 NET-GRACELAND3 C:US 1:1239 2:1800 3:1240 198.115.180/24 ECOSOFT-180 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 198.115.181/24 ECOSOFT-181 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 198.115.182/24 ECOSOFT-182 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 198.115.183/24 ECOSOFT-183 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 198.140.185/24 NET-STOCKHOLDERS1 C:US 1:1800 2:1239 3:1240 4:3830 198.140.186/24 NET-STOCKHOLDERS2 C:US 1:1800 2:1239 3:1240 4:3830 198.176.186/24 NETBLK-CLACKAMAS-C-17 C:US 1:685 2:73 3:101 198.176.187/24 NETBLK-CLACKAMAS-C-17 C:US 1:685 2:73 3:101 198.178.24/24 MPPC9 C:US 1:2149 2:174 198.179.229/24 BELCAN-BSG C:US 1:1800 2:1240 3:1239 199.1.181/24 NET-EMCOM C:US 1:1800 2:1239 3:1240 199.1.182/24 NET-ACTC2 C:US 1:1800 2:1239 3:1240 199.1.183/24 NET-PLANTINUM C:US 1:1800 2:1239 3:1240 199.1.184/24 NET-CMSIEMD C:US 1:1800 2:1239 3:1240 199.13.240/21 NET-MEDIO C:US 1:1800 2:1239 3:1240 199.38.49/24 WTC.COM C:US 1:93 199.74.236/24 NETBLK-BELCAN-WAN C:US 1:1800 2:1240 3:1239 199.74.237/24 NETBLK-BELCAN-WAN C:US 1:1800 2:1240 3:1239 199.76.145/24 NETBLK-UKY C:US 1:3561(218) 2:3561(11) 3:279 4:86 199.76.146/23 NETBLK-UKY C:US 1:3561(218) 2:3561(11) 3:279 4:86 199.76.148/22 NETBLK-UKY C:US 1:3561(218) 2:3561(11) 3:279 4:86 199.76.152/21 NETBLK-UKY C:US 1:3561(218) 2:3561(11) 3:279 4:86 199.76.160/19 NETBLK-UKY C:US 1:3561(218) 2:3561(11) 3:279 4:86 199.76.192/23 NETBLK-UKY C:US 1:3561(218) 2:3561(11) 3:279 4:86 199.79.168/22 NETBLK-PURCHASE-CBLK C:US 1:1239 2:1800 3:1240 199.94.96/24 MITRE-96 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.97/24 MITRE-97 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.98/24 MITRE-98 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.99/24 MITRE-99 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.100/24 MITRE-100 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.101/24 MITRE-101 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.102/24 MITRE-102 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.103/24 MITRE-103 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.104/24 MITRE-104 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.105/24 MITRE-105 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.106/24 MITRE-106 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.107/24 MITRE-107 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.108/24 MITRE-108 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.109/24 MITRE-109 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.110/24 MITRE-110 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.111/24 MITRE-111 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.112/24 MITRE-112 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.113/24 MITRE-113 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.114/24 MITRE-114 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.115/24 MITRE-115 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.116/24 MITRE-116 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.117/24 MITRE-117 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.118/24 MITRE-118 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.119/24 MITRE-119 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.120/24 MITRE-120 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.121/24 MITRE-121 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.122/24 MITRE-122 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.123/24 MITRE-123 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.124/24 MITRE-124 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.125/24 MITRE-125 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.126/24 MITRE-126 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.94.127/24 MITRE-127 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 199.164.238/24 NET-BIGDOG C:US 1:1800 2:1239 3:1240 4:3830 199.172.48/24 CHRYSALIS-NET C:US 1:701(136) 2:701(134) 199.173.0/18 INTAC64 C:US 1:701(136) 2:701(134) 199.184.188/24 AX-NET C:US 1:1240 2:1800 3:1239 199.221.97/24 NETBLK-ANS-C-BLOCK2 C:US 1:1692 199.222.112/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.113/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.114/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.115/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.116/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.117/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.118/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.119/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.120/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.121/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.222.122/24 ANS-C-BLOCK2 C:US 1:1322 2:1660 199.245.159/24 EUCLID C:US 1:1800 2:1240 3:1239 199.246.25/24 ENTRENET C:CA 1:2493(35) 2:2493(91) 202.33.62/24 JTBNET C:JP 1:2149 2:174 202.33.68/24 TBSNET C:JP 1:2149 2:174 202.33.69/24 MVPNET C:JP 1:2149 2:174 202.33.74/24 VENTURE-WEB C:JP 1:2149 2:174 202.33.75/24 VENTURE-WEB C:JP 1:2149 2:174 202.248.37/24 MSINET C:JP 1:2149 2:174 202.248.44/24 SHARP-NARA C:JP 1:2149 2:174 202.248.71/24 NLRI-NET C:JP 1:2149 2:174 204.50.49/24 NET-FIG C:CA 1:1240 2:1800 3:1239 204.50.50/24 NET-CCNSINFO C:CA 1:1240 2:1800 3:1239 204.76.0/21 STLOUPUBSCHL C:US 1:1239 2:1800 3:1240 204.80.152/24 EXCLUSIVE C:US 1:701(136) 2:701(134) 204.80.221/24 INFOSOC C:US 1:1800 2:1239 3:1240 204.90.74/24 BELCAN-BSG C:US 1:1800 2:1240 3:1239 204.94.89/24 IMAGEW-NET C:US 1:1240 2:1800 3:1239 204.97.80/21 NET-CHIAT C:US 1:1239 2:1800 3:1240 204.97.115/24 FCMU-NET C:US 1:1239 2:1800 3:1240 204.101.49/24 WLDONLINE C:CA 1:1239 2:1800 3:1240 204.117.112/24 NET-LMF C:US 1:1239 2:1240 3:1800 204.119.240/21 NET-NS C:US 1:1240 2:1800 3:1239 204.120.167/24 NET-CFA C:US 1:1239 2:1800 3:1240 204.120.207/24 NET-SACHS C:US 1:1239 2:1800 3:1240 204.128.183/24 DAYNA3 C:US 1:1240 2:1800 3:1239 4:210 5:209 204.130.196/24 DAYNA2 C:US 1:1240 2:1800 3:1239 4:210 5:209 204.138.172/24 ALGOMA-NET C:CA 1:1240 2:1800 3:1239 204.152.27/24 GTE-DSSO-ELS C:US 1:3561(11) 2:3561(218) 3:200(128) 4:200(144) 204.152.80/23 NETGATE-NET2 C:US 1:3830 204.164.232/24 MACTEMPS-NET232 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.233/24 MACTEMPS-NET233 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.234/24 MACTEMPS-NET234 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.235/24 MACTEMPS-NET235 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.236/24 MACTEMPS-NET236 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.237/24 MACTEMPS-NET237 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.238/24 MACTEMPS-NET238 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.239/24 MACTEMPS-NET239 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.240/24 MACTEMPS-NET240 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.241/24 MACTEMPS-NET241 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.242/24 MACTEMPS-NET242 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.243/24 MACTEMPS-NET243 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.244/24 MACTEMPS-NET244 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.245/24 MACTEMPS-NET245 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.246/24 MACTEMPS-NET246 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.164.247/24 MACTEMPS-NET247 C:US 1:3561(218) 2:3561(11) 3:560 4:701(136) 5:701(134) 204.168.160/19 NYU-BLKA C:US 1:1239 2:1800 3:1240 204.174.119/24 FAIRVIEW C:CA 1:1331 204.176.196/24 CHRYSALIS-NET C:US 1:701(136) 2:701(134) 204.177.112/22 DELTANET-NET C:US 1:701(136) 2:701(134) 204.178.200/21 DELTANET2 C:US 1:701(136) 2:701(134) 204.179.169/24 LOOP-NET C:US 1:1957 204.181.200/21 NET-ONLINETODAY C:US 1:1800 2:1239 3:1240 204.183.123/24 US-NET C:US 1:1800 2:1239 3:1240 204.183.127/24 NET-UPSTATE C:US 1:1800 2:1239 3:1240 204.183.156/23 CARIBE-NET C:PR 1:1800 2:1239 3:1240 204.187.105/24 NET-XENON C:CA 1:1240 2:1800 3:1239 204.212.108/22 NET-WESTIMG C:US 1:1240 2:1800 3:1239 204.213.72/21 TVRATINGS-NET C:US 1:1239 2:1800 3:1240 204.213.128/19 TVRATINGS-NET C:US 1:1239 2:1800 3:1240 204.213.128/24 TVRATINGS C:US 1:1800 2:1239 3:1240 204.214.24/22 ASKI-NET C:US 1:1800 2:1239 3:1240 204.214.140/24 NET-MRSA C:US 1:1800 2:1239 3:1240 204.214.160/19 NET-GTTW C:US 1:1800 2:1239 3:1240 204.215.56/22 NET-UPSTATE C:US 1:1800 2:1239 3:1240 204.215.60/22 NET-PLANO C:US 1:1800 2:1239 3:1240 204.215.96/20 NETSOUTH-NET C:US 1:1800 2:1239 3:1240 204.215.212/23 GNP-NET C:US 1:1240 2:1800 3:1239 204.225.192/24 NET-ARF C:CA 1:1240 2:1800 3:1239 204.225.218/24 NET-TCB C:CA 1:1240 2:1800 3:1239 204.225.230/24 ONDHI-ON-CA C:CA 1:1239 2:1800 3:1240 204.227.128/24 GAP C:US 1:1800 2:1239 3:1240 204.227.129/24 GAP C:US 1:1800 2:1239 3:1240 204.227.130/24 GAP C:US 1:1800 2:1239 3:1240 204.227.131/24 GAP C:US 1:1800 2:1239 3:1240 204.227.132/24 GAP C:US 1:1800 2:1239 3:1240 204.227.133/24 GAP C:US 1:1800 2:1239 3:1240 204.227.134/24 GAP C:US 1:1800 2:1239 3:1240 204.227.135/24 GAP C:US 1:1800 2:1239 3:1240 204.227.136/24 GAP C:US 1:1800 2:1239 3:1240 204.227.137/24 GAP C:US 1:1800 2:1239 3:1240 204.227.138/24 GAP C:US 1:1800 2:1239 3:1240 204.227.139/24 GAP C:US 1:1800 2:1239 3:1240 204.227.140/24 GAP C:US 1:1800 2:1239 3:1240 204.227.141/24 GAP C:US 1:1800 2:1239 3:1240 204.227.142/24 GAP C:US 1:1800 2:1239 3:1240 204.227.143/24 GAP C:US 1:1800 2:1239 3:1240 204.227.144/24 GAP C:US 1:1800 2:1239 3:1240 204.227.145/24 GAP C:US 1:1800 2:1239 3:1240 204.227.146/24 GAP C:US 1:1800 2:1239 3:1240 204.227.147/24 GAP C:US 1:1800 2:1239 3:1240 204.227.148/24 GAP C:US 1:1800 2:1239 3:1240 204.227.149/24 GAP C:US 1:1800 2:1239 3:1240 204.227.150/24 GAP C:US 1:1800 2:1239 3:1240 204.227.151/24 GAP C:US 1:1800 2:1239 3:1240 204.227.152/24 GAP C:US 1:1800 2:1239 3:1240 204.227.153/24 GAP C:US 1:1800 2:1239 3:1240 204.227.154/24 GAP C:US 1:1800 2:1239 3:1240 204.227.155/24 GAP C:US 1:1800 2:1239 3:1240 204.227.156/24 GAP C:US 1:1800 2:1239 3:1240 204.227.157/24 GAP C:US 1:1800 2:1239 3:1240 204.227.158/24 GAP C:US 1:1800 2:1239 3:1240 204.227.159/24 GAP C:US 1:1800 2:1239 3:1240 204.252.4/23 KEY C:US 1:701(136) 2:701(134) 204.252.75/24 VERMEER-NET C:US 1:701(136) 2:701(134) 204.252.104/24 CSG-NET C:US 1:1957 204.252.128/20 PAGEMART-NET C:US 1:701(136) 2:701(134) Deletions: --194.44.6/24 CITY-NET C:UA 1:701(136) 2:701(134) 3:1800 --198.4.225/24 PAGENET2 C:US 1:701(136) 2:701(134) --198.4.226/24 PAGENET3 C:US 1:701(136) 2:701(134) --198.4.227/24 PAGENET4 C:US 1:701(136) 2:701(134) --198.4.228/24 PAGENET5 C:US 1:701(136) 2:701(134) --198.4.229/24 PAGENET6 C:US 1:701(136) 2:701(134) --198.4.230/24 PAGENET7 C:US 1:701(136) 2:701(134) --198.4.231/24 PAGENET8 C:US 1:701(136) 2:701(134) --198.4.232/24 PAGENET9 C:US 1:701(136) 2:701(134) --198.4.233/24 PAGENET10 C:US 1:701(136) 2:701(134) --198.4.234/24 PAGENET11 C:US 1:701(136) 2:701(134) --198.4.235/24 PAGENET12 C:US 1:701(136) 2:701(134) --198.4.236/24 PAGENET13 C:US 1:701(136) 2:701(134) --198.4.237/24 PAGENET14 C:US 1:701(136) 2:701(134) --198.4.238/24 PAGENET15 C:US 1:701(136) 2:701(134) --198.4.239/24 PAGENET16 C:US 1:701(136) 2:701(134) --198.6.114/24 INTAC C:US 1:701(136) 2:701(134) --198.6.115/24 INTAC C:US 1:701(136) 2:701(134) --199.173.0/24 INTAC64 C:US 1:701(136) 2:701(134) --204.96.103/24 DESIGNEDGE C:US 1:1800 2:1240 3:1239 Expanded listing, sorted by country, then by organization: ========================================================== The "Expanded Listings" section of this NWG report has been retired since it is sorted by countries and network organization addresses. The replacement configuration generation system is based on the Internet Routing Registry (briefly called the "Global Routing Registry"). See the file ftp.ra.net:pub/radb/OVERVIEW for more information. The remainder of this report will also be retired shortly. AS690 CIDR Squeezings Report: 9766 Nets, 179 ASs, 2824 Aggregates ------------------------------------------------------------------ 9766 (83%) of the ever-announced more-specific routes within aggregates have been withdrawn. 670 of those were withdrawn within the last week. 178 the week before that. 84 the week before that. 179 ASs have registered aggregates in the PRDB. 160 of those are announcing aggregates. 84 have withdrawn at least one more specific route. 2824 Aggregates are configured. 2107 of these were Top-Level Aggregates (not nested in another aggregate). 1618 of these are being announced to AS690. 1023 of those have at least one subnet configured (the other 595 may be saving the Internet future subnet announcements). 873 have stopped announcing at least one configured more specific route. 841 have stopped announcing half of their configured more specific routes. 811 have stopped announcing most (80%) of their more specific routes. See home.merit.edu:pub/nsfnet/cidr/cidr_savings for more detail. ----------------------------------------------------------- ========================================================== The configuration reports which reflect today's update will be available for anonymous ftp on nic.merit.edu by 08:00 EST : configuration reports -- nic.merit.edu:nsfnet/announced.networks: as-as.now as-gw.now ans_core.now country.now net-comp.now nets.doc nets.non-classful nets.tag.now nets.unl.now NSS routing software configuration files -- nic.merit.edu:nsfnet/backbone.configuration: gated.nss<NSS number>.t3p Information is also avaiable through the PRDB whois server. Type "whois -h prdb.merit.edu help" for details. -------------------------------------------------------------------------- PRDB CHANGES: (Updated January 19, 1994) As of 1/19/95, ACKs and NAKs will no loger be required (or even read) in the processing of NACRs. In early 1995, as part of the transition to the new Internet Routing Registry (IRR), the Policy Routing Database (PRDB) will be retired. Many of the functions of the PRDB (including generation of router configurations for NSFNET) will be produced based on data from the Global Routing Registry. This change to the NSFNET Backbone service will involve the following changes: - The method for submitting new nets to be routed over AS690 will change. Instead of submitting a NACR to nsfnet-admin(a)merit.edu, you will need to submit a "route template" to auto-dbm(a)ra.net . - Additions and entries to the new registry will be made by the Home AS which creates the route for each net, rather than being submitted by a AS690 peer AS. - Most of the PRDB reports (listed above) will no longer be produced. Equivalent information for most of these reports is available from the global Routing Registry. These are major changes to the system. These changes are being made in order to migrate NSFNET customers and the global user community to a global Internet Routing Registry system, which will be more capable of supporting user needs after the termination of the NSFNET Backbone services in April 1995. For more information, set your web browser to http://www.ra.net/rrinfo.html , or use anonymous ftp to obtain the files "OVERVIEW" and from the directory "ftp.ra.net:pub/radb". Merit would like to minimize the number of problems that this transition may cause you. In order to help us help you through the transition, please send your concerns, your needs, and suggestions on how we can make this happen smoothly to merit-ie(a)merit.edu. The archived discussion list "db-disc(a)merit.edu" also exists for discussion of PRDB and RADB issues. Send a message to "db-disc-request(a)merit.edu" to subscribe. --Dale Johnson (dsj(a)merit.edu) -------------------------------------------------------------------------- Please send all requests for configuration changes to nsfnet-admin(a)merit.edu using the NSFNET configuration forms. The forms are available on-line from the nic.merit.edu machine. Use ftp and the anonymous login to get on the machine. Do a "cd nsfnet/announced.networks" and get the files template.net, template.net.README, template.gate, and template.as. *** Note: As of March 1, 1994, NSFNET AUP NACRs must use the template.net *** (NACR) version 7.1, or the NACR will be returned unprocessed. ******************************* --Stephen McNutt Merit/NSFNET smm(a)merit.edu --Steven J. Richardson Merit/NSFNET sjr(a)merit.edu

1 0

ANS monitoring of NSFNET peering sessions
by manpage ID for mail 17 Feb '95

17 Feb '95

Fine individuals, Greetings. Attached is a list of AS peers that ANS monitors as part of the NSFNET Backbone Service. As we move into the final months of the transition, we are seeing an increase in alerts as regionals rely less and less on the NSFNET Backbone Service. Therefore, we request your help in identifying those peering sessions that you wish us to continue monitoring. Please reply to this note confirming: --------------------------------------------- AS #: AS name: Normal hours of operation (include time zone): Contact procedures (name, phone, email): After hours contact procedures: --------------------------------------------- Please reply to man(a)noc.ans.net with the requested information by 23:59 eastern February 28th, 1995. At 00:01 eastern March 1st, 1995, ANS will assume that monitoring of unacknowledged peering sessions is no longer needed. Please message man(a)noc.ans.net with any questions or concerns. Thanks, -B. Sue Blair ANS Network Operations --------------- AS 22: SDSCNET ENSS 135 198.17.46.102 SDSCNET ENSS 135 198.17.47.102 AS 38: UIUC ENSS 129 192.17.1.38 AS 68: NCAR ENSS 141 192.43.244.6 AS 73: NORTHWESTNET ENSS 143 192.147.179.12 NORTHWESTNET ENSS 143 192.147.179.13 NORTHWESTNET ENSS 143 192.35.180.12 NORTHWESTNET ENSS 143 192.35.180.13 AS 93: MIDNET ENSS 140 192.35.171.7 AS 97: JVNCNET ENSS 137 192.12.211.65 AS 114: SESQUINET ENSS 139 192.67.13.181 SESQUINET ENSS 139 192.67.13.88 AS 174: CORNELL ENSS 133 192.35.82.1 AS 183: SURANET ENSS 136 192.41.177.230 AS 194: NCAR ENSS 141 192.43.244.14 NCAR ENSS 141 192.52.106.2 AS 195: SDSCNET ENSS 135 198.17.46.32 SDSCNET ENSS 135 198.17.46.33 SDSCNET ENSS 135 198.17.47.32 SDSCNET ENSS 135 198.17.47.33 AS 200: FIXWEST ENSS 144 192.203.230.8 FIXWEST ENSS 144 192.52.195.8 BARRNET ENSS 144 192.31.48.200 BARRNET ENSS 144 192.31.48.201 AS 204: PSCNET ENSS 132 192.88.114.13 PSCNET ENSS 132 192.88.114.16 AS 209: NCAR ENSS 141 192.52.106.4 NCAR ENSS 141 192.43.244.4 AS 210: SALTLAKE ENSS 142 192.31.39.17 SALTLAKE ENSS 142 192.31.39.20 SALTLAKE ENSS 142 192.31.39.18 SALTLAKE ENSS 142 192.31.39.19 SALTLAKE ENSS 142 192.31.39.22 AS 237: MERIT ENSS 131 192.203.195.4 MERIT ENSS 131 198.108.2.4 AS 278: NCAR ENSS 141 192.43.244.8 AS 279: GATECH ENSS 138 192.221.26.2 GATECH ENSS 138 192.76.181.2 AS 293: FIXEAST ENSS 145 192.80.214.252 FIXWEST ENSS 144 192.52.195.13 FIXWEST ENSS 144 192.203.230.13 FIXEAST ENSS 145 192.203.229.252 AS 297: NCAR ENSS 141 192.43.244.5 FIXWEST ENSS 144 192.203.230.12 FIXWEST ENSS 144 192.203.230.3 FIXWEST ENSS 144 192.203.230.4 FIXWEST ENSS 144 192.203.230.5 FIXWEST ENSS 144 192.203.230.6 FIXEAST ENSS 145 192.203.229.243 SESQUINET ENSS 139 192.67.13.85 SESQUINET ENSS 139 192.67.14.85 FIXWEST ENSS 144 192.52.195.3 FIXWEST ENSS 144 192.52.195.4 FIXWEST ENSS 144 192.52.195.5 AS 372: FIXWEST ENSS 144 192.203.230.2 FIXWEST ENSS 144 192.52.195.2 AS 568: FIXEAST ENSS 145 192.80.214.251 FIXWEST ENSS 144 192.52.195.26 AS 668: FIXWEST ENSS 144 192.203.230.25 FIXEAST ENSS 145 192.203.229.242 AS 698: UIUC ENSS 129 192.17.2.8 AS 701: SURANET ENSS 136 192.41.177.249 AS 1206: PSCNET ENSS 132 192.5.146.10 PSCNET ENSS 132 192.88.114.10 PSCNET ENSS 132 192.88.114.17 AS 1224: UIUC ENSS 129 192.17.1.224 AS 1225: UIUC ENSS 129 192.17.1.10 UIUC ENSS 129 192.17.2.10 MERIT ENSS 131 192.203.195.3 ARGONNE ENSS 130 192.5.180.23 ARGONNE ENSS 130 192.5.186.23 AS 1240: FIXWEST ENSS 144 192.52.195.16 FIXWEST ENSS 144 192.203.230.16 AS 1250: JVNCNET ENSS 137 192.12.211.75 AS 1674: SURANET ENSS 136 192.41.177.220 AS 1740: SDSCNET ENSS 135 198.17.46.151 SDSCNET ENSS 135 198.17.46.152 SDSCNET ENSS 135 198.17.46.153 SDSCNET ENSS 135 198.17.47.150 SDSCNET ENSS 135 198.17.47.151 AS 1800: FIXEAST ENSS 145 192.203.229.245 AS 1838: SDSCNET ENSS 135 198.17.47.153 AS 1849: SURANET ENSS 136 192.41.177.190 AS 1972: DARPA ENSS 146 192.187.8.2 AS 2149: SURANET ENSS 136 192.41.177.246 AS 2150: SDSCNET ENSS 135 198.17.47.175 AS 2551: SURANET ENSS 136 192.41.177.210 AS 2648: NCAR ENSS 141 192.43.244.15 AS 2699: FIXEAST ENSS 145 192.80.214.250 AS 2885: SURANET ENSS 136 192.41.177.166 AS 3354: SESQUINET ENSS 139 192.67.14.93 AS 3429: FIXWEST ENSS 144 192.52.195.14 AS 3561: SURANET ENSS 136 192.41.177.180 AS 3577: PSCNET ENSS 132 192.5.146.7 AS 3830: SURANET ENSS 136 192.41.177.170 AS 4136: SURANET ENSS 136 192.41.177.150

1 0

CERT Advisory CA-95:04.NCSA.http.daemon.for.unix.vulnerability
by cert-advisory＠cert.org 17 Feb '95

17 Feb '95

============================================================================= CA-95:04 CERT Advisory February 17, 1995 NCSA HTTP Daemon for UNIX Vulnerability ----------------------------------------------------------------------------- The CERT Coordination Center has received reports that there is a vulnerability in the NCSA HTTP Daemon V.1.3 for UNIX. Because of this vulnerability, the daemon can be tricked into executing shell commands. If you have any questions regarding this vulnerability, please send e-mail to Beth Frank at the NCSA, efrank(a)ncsa.uiuc.edu. ----------------------------------------------------------------------------- I. Description A vulnerability in the NCSA HTTP Daemon allows it to be tricked into executing shell commands. II. Impact Remote users may gain unauthorized access to the account (uid) under which the httpd process is running. III. Solution The following solution was provided by the HTTPD Team at SDG at NCSA. Step 1: In the file httpd.h, change the string length definitions from: /* The default string lengths */ #define MAX_STRING_LEN 256 #define HUGE_STRING_LEN 8192 to: /* The default string lengths */ #define HUGE_STRING_LEN 8192 #define MAX_STRING_LEN HUGE_STRING_LEN Step 2: Install the following patch, which performs the functionality of strsubfirst (i.e., copy src followed by dest[start] into dest) without the use of a temporary buffer. ----------------------------------cut here------------------------------------- *** util.c.bak Sat May 7 21:47:15 1994 --- util.c Thu Feb 16 04:17:07 1995 *************** *** 158,168 **** void strsubfirst(int start,char *dest, char *src) { ! char tmp[MAX_STRING_LEN]; ! strcpy(tmp,&dest[start]); ! strcpy(dest,src); ! strcpy(&dest[strlen(src)],tmp); } /* --- 158,174 ---- void strsubfirst(int start,char *dest, char *src) { ! int src_len, dest_len, i; ! if ((src_len=strlen(src))<start){ /** src "fits" in dest **/ ! for (i=0;dest[i]=src[i];i++); ! for (i=src_len;dest[i]=dest[i-src_len+start];i++); ! } ! else { /** src doesn't fit in dest **/ ! for (dest_len=strlen(dest),i=dest_len+src_len-start;i>=src_len;i--) ! dest[i] = dest[i-src_len+start]; ! for (i=0;i<src_len;i++) dest[i]=src[i]; ! } } /* ---------------------------------cut here------------------------------------- After you apply this patch, recompile httpd, kill the current running process, and restart the new httpd. --------------------------------------------------------------------------- The CERT Coordination Center thanks Steve Weeber, Carlos Varela, and Beth Frank for their support in responding to this problem. --------------------------------------------------------------------------- If you believe that your system has been compromised, contact the CERT Coordination Center or your representative in Forum of Incident Response and Security Teams (FIRST). If you wish to send sensitive incident or vulnerability information to CERT staff by electronic mail, we strongly advise that the e-mail be encrypted. The CERT Coordination Center can support a shared DES key, PGP (public key available via anonymous FTP on info.cert.org) or PEM (contact CERT staff for details). Internet E-mail: cert(a)cert.org Telephone: +1 412-268-7090 (24-hour hotline) CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4), and are on call for emergencies during other hours. Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 USA CERT advisories and bulletins are posted on the USENET newsgroup comp.security.announce. If you would like to have future advisories and bulletins mailed to you or to a mail exploder at your site, please send mail to cert-advisory-request(a)cert.org. Past advisories, CERT bulletins, information about FIRST representatives, and other information related to computer security are available for anonymous FTP from info.cert.org. CERT is a service mark of Carnegie Mellon University.

1 0

CERT Advisory CA-95:03.telnet.encryption.vulnerability
by cert-advisory＠cert.org 16 Feb '95

16 Feb '95

============================================================================= CA-95:03 CERT Advisory February 16, 1995 Telnet Encryption Vulnerability ----------------------------------------------------------------------------- The CERT Coordination Center has received reports of a serious security problem in the Berkeley Telnet clients that provide support for the experimental Telnet encryption option using the Kerberos V4 authentication. All known released versions of the BSD Telnet that support Kerberos V4 authentication and encryption are affected. We recommend that all sites that use encrypted telnet in conjunction with Kerberos V4 obtain a patch or upgraded version of Telnet according to the instructions in Section III below. As we receive additional information relating to this advisory, we will place it, along with any clarifications, in a CA-95:03.README file. CERT advisories and their associated README files are available by anonymous FTP from info.cert.org. We encourage you to check the README files regularly for updates on advisories that relate to your site. I. Description There is a vulnerability in Berkeley Telnet clients that support encryption and Kerberos V4 authentications. This vulnerability substantially reduces the effectiveness of the encryption. II. Impact Anyone who can access and read packets that make up the encrypted Telnet session can easily decrypt the session. This is possible, for example, when an intruder uses a packet sniffer on the network to intercept the Telnet sessions. III. Solution Obtain and install the appropriate patch according to the instructions included with the patch. Below is a summary of the vendors who have reported to us and the status they provided. More complete information, including how to obtain patches, is printed in Appendix A of this advisory and reproduced in the README file associated with this advisory. We will update the README file as we receive more information from vendors. Vendor or Source Status ---------------- ------------ Berkeley SW Distribution (BSD) source-code patch available from Berkeley; also in Appendix B of this advisory Data General Corporation not affected by the vulnerability FTP Software, Inc. patch available Harris NightHawk System not affected by the vulnerability Hewlett-Packard Company not affected by the vulnerability Nat'l. Center for Supercomputer Applications (NCSA) upgrade available Open Software Foundation not affected by the vulnerability The Santa Cruz Operation, Inc. (SCO) not affected by the vulnerability Sun Microsystems, Inc. not affected by the vulnerability If you have an encrypting Telnet from some other vendor, please contact that vendor for information regarding how to get a fixed version. --------------------------------------------------------------------------- The CERT Coordination Center wishes to thank Theodore Ts'o of the Massachusetts Institute of Technology for identifying and developing a solution to this problem. --------------------------------------------------------------------------- If you believe that your system has been compromised, contact the CERT Coordination Center or your representative in Forum of Incident Response and Security Teams (FIRST). If you wish to send sensitive incident or vulnerability information to CERT staff by electronic mail, we strongly advise that the e-mail be encrypted. The CERT Coordination Center can support a shared DES key, PGP (public key available via anonymous FTP on info.cert.org) or PEM (contact CERT staff for details). Internet E-mail: cert(a)cert.org Telephone: +1 412-268-7090 (24-hour hotline) CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4), and are on call for emergencies during other hours. Fax: +1 412-268-6989 CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 USA Past advisories, CERT bulletins, information about FIRST representatives, and other information related to computer security are available for anonymous FTP from info.cert.org. CERT is a service mark of Carnegie Mellon University. ............................................................................. Appendix A: Vendor Information Current as of February 16, 1995 See CA-95:03.README for updated information. Below is information we have received from vendors who have patches available or upcoming, along with names of vendors who have reported that their products do not have the problem. If you have an encrypting Telnet from a vendor who is not listed, please contact that vendor for information regarding how to get a fixed version. Vendor or Source Status ---------------- ------------ Berkeley SW Distribution (BSD) source-code patch available from Berkeley; also in Appendix B of this advisory Data General Corporation not affected by the vulnerability FTP Software, Inc. patch available Harris NightHawk System not affected by the vulnerability Hewlett-Packard Company not affected by the vulnerability Nat'l. Center for Supercomputer Applications (NCSA) upgrade available Open Software Foundation not affected by the vulnerability The Santa Cruz Operation, Inc.(SCO) not affected by the vulnerability Sun Microsystems, Inc. not affected by the vulnerability PATCH INFORMATION ------------- Berkeley Software Distribution (BSD) A source-code patch, along with the domestic version of the most recently released Telnet sources from Berkeley, are available by anonymous FTP from net-dist.mit.edu:/pub/telnet/telnet.patch MD5 65d56befe3d0f1699d38de5509552578 There is also a PGP ASCII signature file for the patch in net-dist.mit.edu:/pub/telnet/telnet.patch.sig This patch can also be found in CERT Advisory CA-95:03, Appendix B. (Note: Do not calculate a checksum for Appendix B alone. It will not match the checksum of the FTP version of the patch because the tabs in the FTP copy have been replaced with blank spaces in the CA-95:03 Appendix B copy.) ------------- FTP Software, Inc. Customers of FTP Software with an encrypting telnet (provided in the PC/TCP or OnNet packages) should call the FTP technical support line at 1-800-282-4387 and ask for the "tn encrypt patch". ------------- National Center for Supercomputer Applications (NCSA) Users of NCSA Telnet should upgrade to the NCSA Telnet 2.6.1d7, AND install the appropriate Kerberos plug-in which are available by anonymous FTP from ftp.ncsa.uiuc.edu Upgrade /Mac/Telnet/Telnet2.6/prerelease/d7/Telnet2.6.1d7(68K).sit.hqx MD5 b34b9fda59421b3b83f8df08a83f83b5 /Mac/Telnet/Telnet2.6/prerelease/d7/Telnet2.6.1d7(fat).sit.hqx MD5 877add7c3d298111889fc3f2f272ce6f Kerberos plug-ins /Mac/Telnet/Telnet2.6/prerelease/AuthMan.plugin.1.0b1.hqx MD5 df727eae184b22125f90ef1a31513fd4 /Mac/Telnet/Telnet2.6/prerelease/Kerberos_Telnet_plugin.sit.hqx MD5 dbda691efe9038648f234397895c734d Questions regarding NCSA Telnet should be directed to mactel(a)ncsa.uiuc.edu ............................................................................. Appendix B: Patch for Vulnerability in Telnet Encryption Option Current as of February 16, 1995 See CA-95:03.README for updated information. Index: auth.c =================================================================== RCS file: /mit/krb5/.cvsroot/src/appl/telnet/libtelnet/auth.c,v retrieving revision 5.5 retrieving revision 5.7 diff -u -r5.5 -r5.7 --- auth.c 1994/08/18 21:06:45 5.5 +++ auth.c 1994/11/08 04:39:02 5.7 @@ -244,7 +244,7 @@ { register int x; - if (strcasecmp(type, AUTHTYPE_NAME(0))) { + if (!strcasecmp(type, AUTHTYPE_NAME(0))) { *maskp = -1; return(1); } @@ -260,14 +260,14 @@ int auth_enable(type) - int type; + char * type; { return(auth_onoff(type, 1)); } int auth_disable(type) - int type; + char * type; { return(auth_onoff(type, 0)); } @@ -277,15 +277,20 @@ char *type; int on; { - int mask = -1; + int i, mask = -1; Authenticator *ap; if (!strcasecmp(type, "?") || !strcasecmp(type, "help")) { printf("auth %s 'type'\n", on ? "enable" : "disable"); printf("Where 'type' is one of:\n"); printf("\t%s\n", AUTHTYPE_NAME(0)); - for (ap = authenticators; ap->type; ap++) + mask = 0; + for (ap = authenticators; ap->type; ap++) { + if ((mask & (i = typemask(ap->type))) != 0) + continue; + mask |= i; printf("\t%s\n", AUTHTYPE_NAME(ap->type)); + } return(0); } @@ -293,7 +298,6 @@ printf("%s: invalid authentication type\n", type); return(0); } - mask = getauthmask(type, &mask); if (on) i_wont_support &= ~mask; else @@ -317,16 +321,22 @@ auth_status() { Authenticator *ap; + int i, mask; if (i_wont_support == -1) printf("Authentication disabled\n"); else printf("Authentication enabled\n"); - for (ap = authenticators; ap->type; ap++) + mask = 0; + for (ap = authenticators; ap->type; ap++) { + if ((mask & (i = typemask(ap->type))) != 0) + continue; + mask |= i; printf("%s: %s\n", AUTHTYPE_NAME(ap->type), (i_wont_support & typemask(ap->type)) ? "disabled" : "enabled"); + } return(1); } Index: kerberos.c =================================================================== RCS file: /mit/krb5/.cvsroot/src/appl/telnet/libtelnet/kerberos.c,v retrieving revision 5.5 retrieving revision 5.8 diff -u -r5.5 -r5.8 --- kerberos.c 1994/08/18 21:07:02 5.5 +++ kerberos.c 1994/11/14 21:33:58 5.8 @@ -225,9 +225,10 @@ register int i; des_key_sched(cred.session, sched); - des_set_random_generator_seed(cred.session); - des_new_random_key(challenge); - des_ecb_encrypt(challenge, session_key, sched, 1); + des_init_random_number_generator(cred.session); + des_new_random_key(session_key); + des_ecb_encrypt(session_key, session_key, sched, 0); + des_ecb_encrypt(session_key, challenge, sched, 0); /* * Increment the challenge by 1, and encrypt it for * later comparison. @@ -320,6 +321,11 @@ break; }

1 0