On Fri, Nov 10, 2000 at 09:07:28PM -0500, Jesse Goerz wrote: > I'm trying to contact the sys-admin for my ISP because I don't like the > security they use for uploading personal web pages. (They use plain text ftp, > which is bad enough, but no, they have to do one better, they don't allow you > to even change your username/password so anyone on the network can sniff it > and > have complete access to your account!) Anyway, I know they run some type of > unix and I need to know how to finger or whatever to find out who is running > the system. I hoping that they aren't aware of this and that if I point it > out > a solution will soon follow. > > Any suggestions, man ?, url source?.
well the most polite way would probably be to request contact via their general support address, but chances are this won't work. if you really want to brute force send mail to the administrators you could try mailing [EMAIL PROTECTED] which will probably get thier attention, but it might also annoy them. other possible addresses are: operator, postmaster, and possibly manager. i would also say that the admins are probably well aware of what they are doing and the security issues involved (unless they are REALLY dumb) they probably just don't care, or have thier hands tied by moron managers who demand total unsecurity. in either case having some customer come along and tell them how to better do thier job might piss him off. so be very nice about it and try to be as diplomatic as possible. my guess: its stupid PHBes who are demanding unsecurity, if that is the case there is absolutely no hope, if the admins try and suggest more secure ways to run the network the manager will just fire them immediatly. -- Ethan Benson http://www.alaska.net/~erbenson/
pgpbVI5WIICmd.pgp
Description: PGP signature
