In-Reply-To: <9306081620.AA07331@soda.berkeley.edu>
Here, in its almost full glory, is the letter that CERT sent to the admin at berkeley. I've removed the addressee, since there's no need to involve that person. I have not, however, removed the name of the sender. ...
We have been passed information that indicates that the anonymous FTP archive on the following host(s) may be in use by intruders for ^ illegal trading of commercial software:
>> soda.berkeley.edu /pub/cypherpunks
We have not confirmed this information, nor have we identified that the anonymous FTP configuration on the above-listed host(s) is open for abuse. ^
...
This look suspiciously like a form letter. The possible plurals ("(s)") and the fact that the site name is in a "list type" format indicate this is probably a form letter. This is even more disturbing; do they have a form letter because they use it often or do they have a daemon that searches for highly undesirable things such as ftp sites with lots of encryption related things and automatically fires off this harassing form letter? Ben Byer <bbyer@bix.com>