Next: Be Paranoid-- Call Sequence Up: Setting up your System Previous: Providing UUCP Accounts

Protecting Yourself Against Swindlers Yourself Against Swindlers

One of the biggest problems about UUCP is that the calling system can lie about its name; it announces its name to the called system after logging in, but the server doesn't have a way to check this. Thus, an attacker could log into his or her own UUCP account, pretend to be someone else, and pick up that other site's mail. This is particularly troublesome if you offer login via anonymous UUCP, where the password is made public.

Unless you know you can trust all sites that call your system to be honest, you must guard against this sort of impostors. The cure against this disease is to require each system to use a particular login name by specifying a called-login in sys. A sample system entry may look like this:

The upshot of this is that whenever a system logs in and pretends it is pablo, uucico will check whether it has logged in as Upablo. If it hasn't, the calling system will be turned down, and the connection is dropped. You should make it a habit to add the called-login command to every system entry you add to your sys file. It is important that you do this for all systems, regardless of whether they will ever call your site or not. For those sites that never call you, you should probably set called-login to some totally bogus user name, such as neverlogsin.

Andrew Anderson
Thu Mar 7 23:22:06 EST 1996