Re: AOL type signup

To: <debian-isp@lists.debian.org>
Subject: Re: AOL type signup
From: "Mailing List" <maillist@jasonlim.com>
Date: Fri, 26 Jan 2001 11:44:35 +0800
Message-id: <[🔎] 0a2d01c0874a$4cf61820$05c1fea9@zentekgroup>
Reply-to: "Mailing List" <maillist@jasonlim.com>
References: <[🔎] 200101260318.WAA03385@mail.goodnews.net>

I have to agree with Chris.

Even with all of AOL's programmers and security people (haha), they are
still regularly successfully cracked.

Do you think you could come up with something to rival AOL? Well... maybe...
but good luck ;-)

Jason Lim

----- Original Message -----
From: "Chris Wagner" <wagnerc@plebeian.com>
To: <debian-isp@lists.debian.org>
Sent: Friday, 26 January, 2001 11:17 AM
Subject: Re: AOL type signup


> You would have to do a good chunk of programming to pull something like
that
> off.  You would have to create a "new user" account whose shell would be
the
> main program.  That program would decide if the "AOL" crap was valid or
not
> and then proceed to make a new user account.  You can put any logging or
> accounting stuff in there that you want.  You can do this in either perl
or
> C.  The other major part of it is creating a windoze gui for the people to
> put in their "AOL"-eeze new user name, phone, credit card #, etc.  The gui
> would talk to your box and log in as "new user" and proceed to interact
with
> the user creation program.  Keep in mind that people will be feeding total
> garbage into this thing to try to break it.  It'll need to trap ALL non
> alphanumeric characters and not puke over them.  You will have some smart
> ass out there log directly into it and try to get a shell by firing
control
> codes and high ascii at it and by overflowing every buffer in the program.
>
> For a little more effort you can write a full fledged daemon to take the
> requests.  That would be more secure and let you use proprietary encoded
> binary transmission so that not just any yahoo can telnet to the port and
> have fun.  But once you get into this, you'll realize just how much work
> you're biting off.
>
> At 02:27 PM 1/25/01 -0600, StarDrifter wrote:
> >Hello,
> >I was wondering if there would be a way to have a user to sign up for my
ISP
> >using an initial logon in the format of AOL's username and password, such
> >as:
> >
> >6P-9224-5150
> >GLAD-CARHOP
> >
> >and then when they logon they can change their username and password,
just
> >for that 1st time. After that they have to contact customer support.
> >
> >Also, When the user changes his/her username and password it will record
> >that in a log and will be displayed at the end of the day.
>
>
> +-------------------------------------------------------------------+
> |     -=Close election, huh.=-                                      |
> +-------------------------------------------------------------------+
>
> 00000100
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
>

Reply to:

References:
- Re: AOL type signup
  - From: wagnerc@plebeian.com (Chris Wagner)

Prev by Date: Re: AOL type signup
Next by Date: Running Server From Behind Firewall
Previous by thread: Re: AOL type signup
Next by thread: Running Server From Behind Firewall
Index(es):
- Date
- Thread