Newsgroups: comp.os.minix
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!nntp.coast.net!zombie.ncsc.mil!news.mathworks.com!uhog.mit.edu!news.mtholyoke.edu!news.umass.edu!news.hampshire.edu!hamp!aswNS
From: aswNS@hamp.hampshire.edu (Albert S Woodhull)
Subject: Re: minix1.hampshire.edu down temporarily
Message-ID: <c187cb$c219.18f@news.hampshire.edu>
Date: Sun, 24 Dec 1995 17:02:25 GMT
References: <c187cb$9256.340@news.hampshire.edu>
Organization: Hampshire College, Amherst MA
X-Newsreader: TIN [version 1.2 PL2]
Lines: 40

For some reason the text of my post did not make it the first
time. Here is what I tried to say:

Many readers of the Minix newsgroup and mailing list know that for a
while I have maintained an Internet-accessible node called
minix1.hampshire.edu running Minix 1.5 modified with the Tnet
networking package. The primary purposes of this node have been to 
give a networked Minix a good test and to provide a model that others
could examine in trying to configure a networked Minix. I have
provided shell accounts to anyone who wanted one and have made the
system available for anonymous ftp and guest logins.

The main Sun computer at Hampshire College experienced a security
attack recently in which a trojan horse telnet was installed. Although
I monitor minix1 quite closely and I am quite sure it wasn't involved
in any way, I decided when I learned about this that it would be a
good idea to disable network access to minix1 for a short while. This
was done on Thursday, Dec. 21. Hampshire College has been very
generous in providing me with net access, and I don't want to cause
the system administrators any extra quanta of worry, they already have
enough.

Minix1 will probably not be up again until Friday Dec. 29th, since 
pressure of work and holiday commitments don't allow me time to give
it the attention required until then. When it is again accessible 
guest logins will be disabled, and I may restrict anonymous ftp access
as well, depending upon an evaluation of the situation. Minix is
supposed to be simple, so it can be understood, but this makes it 
difficult to make it secure. There are some things that can be done to
make it more secure, and I will be implementing some of those.

Incidentally, the plan *is* to convert minix1.hampshire.edu to run
Minix 1.7+ in i386 mode, but this cannot be done until support is
available for running a telnet server.

--
Albert S. Woodhull, Hampshire College, Amherst, MA
awoodhull@hamp.hampshire.edu
woodhull@shaysnet.com
413-549-2962

