some history: my broadcast,
by Jordan Hubbard (ucbvax!jkh), 2 Apr 1987. It seems the default
configuration for Suns back then was that “everyone” really meant
everyone — resulting in some fun when Jordan ran rwall (remote
write to all) to the broadcast netgroup. Some good snippets in
retrospect:
Since rwall is an RPC service, and RPC doesn’t seem to give a damn who you are as long as you’re root (which is trivial to be, on a work- station), I have to wonder what other RPC services are open holes. We’ve managed to do some interesting, unauthorized, things with the YP service here at Berkeley, I wonder what the implications of this are. …
(An) alternative (to getting rid of rwall) would be to tighten up all the IMP gateways to forward packets only from trusted hosts. I don’t like that at all, from a standpoint of reduced convenience and productivity.
Fast-forward to 15 years later: RPC services are almost all firewalled off due to insecurity, and packet filters on gateways — ie. firewalls — are standard kit. The internet has changed a lot since then.
Comments closed