remember the lesson of the sendsys bomb
at the 1988 usenix in san francisco, rick adams of uunet ran the uucp bof and told a story of a forged sendsys message intended to melt somebody's inbox. this was timed to coincide with a usenix, since most news admins would be at the show rather than home watching their servers. (shows did not have terminal rooms at that time.) thus the cats were away the mice were at play. (sendsys, for those of you not in the news field, is a 'control message' that used to be used to get a news-neighbor to send their "sys" file via e-mail; this was used for debugging and early access controls on it were nonexistent.) well, most of the news servers by that time were configured to mail all such control messages to their local administrator, who could then approve them by hand if they weren't stupid and abusive (which they almost always were). so the forger's intent of inundating some victim's inbox with thousands of "sys" files from autoresponding systems seemed destined for some frustration. except that so many admins were away and had set up "vacation" autoresponders saying "hi, i'm at usenix, i'll be back on friday" and so few of these vacation robots had enough intelligence to not autorespond to other robotic e-mail such as "sendsys message received - approval required" that the news system ended up melting the victim's inbox ANYWAY. the lesson of the sendsys is that after a 24 or 36 hour period of continuous wakefulness, sean and alan and the rest are going to have to SLEEP. *that* will be the time when some perfectly normal event like a route spew or heavy flap or genetic IOS defect will make itself known, and *that* will be the time when Y2K finally kicks us all in the head. not because of the date change, but because everybody stayed awake too long and upset their normal vigilence.
On Fri, 31 Dec 1999, Paul A Vixie wrote:
the lesson of the sendsys is that after a 24 or 36 hour period of continuous wakefulness, sean and alan and the rest are going to have to SLEEP. *that* will be the time when some perfectly normal event like a route spew or heavy flap or genetic IOS defect will make itself known, and *that* will be the time when Y2K finally kicks us all in the head. not because of the date change, but because everybody stayed awake too long and upset their normal vigilence.
Agreed. That's the very reason I didn't want all of our operations staff to be overseeing the changeover since I didn't think it was necessary. As an ISP that caters to business customers we probably won't be made aware of any issues until Monday. Having checked with the on-call perrson this week, she says no one has made a peep, and our normal weekend ops people are working their regular schedules. -- Joseph W. Shaw - jshaw@insync.net Free UNIX advocate - "I hack, therefore I am."
Hi. What was you talking about? Wait a few days and compare the bills; don't wonder seen '290% fee or 1024 hours/day', or 'we can not measure your login time'. Real problems are waiting for us yet. On Fri, 31 Dec 1999, Paul A Vixie wrote:
Date: Fri, 31 Dec 1999 23:13:25 -0800 From: Paul A Vixie <vixie@mibh.net> To: nanog@merit.edu Subject: remember the lesson of the sendsys bomb
at the 1988 usenix in san francisco, rick adams of uunet ran the uucp bof and told a story of a forged sendsys message intended to melt somebody's inbox. this was timed to coincide with a usenix, since most news admins would be at the show rather than home watching their servers. (shows did not have terminal rooms at that time.) thus the cats were away the mice were at play.
(sendsys, for those of you not in the news field, is a 'control message' that used to be used to get a news-neighbor to send their "sys" file via e-mail; this was used for debugging and early access controls on it were nonexistent.)
well, most of the news servers by that time were configured to mail all such control messages to their local administrator, who could then approve them by hand if they weren't stupid and abusive (which they almost always were). so the forger's intent of inundating some victim's inbox with thousands of "sys" files from autoresponding systems seemed destined for some frustration.
except that so many admins were away and had set up "vacation" autoresponders saying "hi, i'm at usenix, i'll be back on friday" and so few of these vacation robots had enough intelligence to not autorespond to other robotic e-mail such as "sendsys message received - approval required" that the news system ended up melting the victim's inbox ANYWAY.
the lesson of the sendsys is that after a 24 or 36 hour period of continuous wakefulness, sean and alan and the rest are going to have to SLEEP. *that* will be the time when some perfectly normal event like a route spew or heavy flap or genetic IOS defect will make itself known, and *that* will be the time when Y2K finally kicks us all in the head. not because of the date change, but because everybody stayed awake too long and upset their normal vigilence.
Aleksei Roudnev, (+1 415) 585-3489 /San Francisco CA/
participants (3)
-
Alex P. Rudnev -
Joe Shaw -
Paul A Vixie