Why not a private news server?

Eric Clark eclark at hoser.com
Mon Nov 29 19:35:29 GMT 1999 

On Mon, 29 Nov 1999, David Cooley wrote:

> At 11:10 AM 11/29/1999 -0600, you wrote:
> >I wonder if you have a clear understanding of the technology (or if you 
> >have stock
> >in Onelist ;) ).
> 
> 
> I do have a clear understanding.  I also have a nephew who used to be a 
> hacker/spammer, now working for Symantec.

This doesnt say anything about how much you know.  Crackers would be the
correct term, and they usually have nothing to do with spam.

> >How, first of all, how would a spammer find our private news server without a
> >really knowing we are there (as we would NOT, I repeat NOT be on the 
> >USENET), and
> >second of all, how would he then post without a valid userid and password 
> >(which
> >could be setup as an e-mail address)?????  Spammers are lazy, and will not 
> >go thru
> >that much trouble to spam a small, specialized group such as ourselves.
> 
> 
> They find out what IP addresses respond to pings, then run port scans on 
> the addresses found.

I dont know about you, but most of my servers do not respond to pings.

> They can then determine if that IP supports web, NNTP, SMTP etc.
> If a news server is protected by a password, they have crack programs that 
> throw usernames/passwords at the systems.  Systems also have backdoors put 
> in by the software authors.  Spammers/hackers know these back doors and use 
> them.

They would be firewalled automatically by portsentry if they tried this
against my machines.  Open source software does not have backdoors.

> Spammers are not lazy, as they want to get their message to as many people 
> as possible... Out of every hundred people, maybe 1 will be interested.  So 
> they spam 100,000 and 1000 show interest.
> They don't have to know the server by name.  As I stated before, I am on 
> several private news servers (AN intel beta server for one) that require an 
> individual username and password.  No one knows of the beta server except 
> the people INTEL sends the invite to join to.  We get spammed there almost 
> as much as the public newsgroups.

Thats sounds like intel doesnt know how to administer a server

> >A private news server would be invisible unless you know it's there, kinda 
> >like
> >having a web server on the net, but not advertising it's existence and not 
> >being
> >on the search engines.  No one can find you without directly typing your 
> >address,
> >then when they do, they need a username and password to view or post.
> 
> See above.  They scan a range of IP's and scan the ports on those that 
> respond to find their victims.  They don't look for advertised or 
> publicized sites.

A portscan on my servers will automatically firewall thier ip, using
portsentry.

> 
> And that is what I am interested in as well, but 2 or 3 of the group want 
> to badmouth public email servers for a *TEMPORARY* home.  If the interest 

Why does everyone ignore the offer to host them on sunsite?  thats seems
to be the best solution I have seen.

> is really to keep the list etc going, then *ANY* options should be considered.
> One other factor is to have your info published on a private news server is 
> going to take money as well unless someone runs one and is going to donate 
> time/resources to the list.  I can't understand how you keep saying the 
> news server uses "less bandwidth" than email...  If you send a message to 
> 100 people, or 100 people log in to access the message, uses the same 
> bandwidth.

If only 50 people are interested in reading the message after they've seen
the subject, you only have 50 people reading.  And if a long thread
starts, those who are not interested will not have to wade through it.

> A problem that the news server approach will cause is when everyone get's 
> off work and 4-500 people try to log in during the same time frame to one 
> server.  With a mail list, those messages were sent out as they were 
> received during the day/night and are picked up whenever the user logs in 
> to their ISP, spreading the total load over the whole 24 hour period.  The 
> news server will have to be a powerful enough machine that everyone on the 
> list can log in simultaneously and still be able to function.  I'm having 
> that problem right now with a webserver.

What software/os?

> Our company sold one and stated it's limit was 200 concurrent users.  We 
> are only at 50 concurrent users and the machine cannot keep up.  It's got 4 
> Pentium III/600 MHZ CPU's, 2G ram and 100G hard drive space (All ultra Wide 
> SCSI2).  Network connection is via OC-12 622MB/sec fiber.
> The machine cannot handle 50, let alone the 200 that my company spec'd it 
> out as.  The developers are grabbing log files, watching CPU load etc and 
> have decided that the box is full now at 50 and the customer needs to buy 
> another box or two to spread the load.

Sounds like its running NT.  I know of a lot smaller servers that easily
handle 50 concurrent running INN on FreeBSD or Linux.

-Eric

More information about the Gmecm mailing list