Re: "Flash"??

jsz (jsz@ramon.bgu.ac.il)
Fri, 19 Aug 94 2:41:34 IDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jas: "Re: "Flash"??"
Previous message: Scott Schwartz: "Re: disabling login in V1 #14"
Maybe in reply to: That Whispering Wolf...: ""Flash"??"
Next in thread: Jas: "Re: "Flash"??"

> 
> The program forges a talk request and sends VT100 escape codes to cause the
> users screen to become unreadable.
> 

It sends escape sequence to your tty through talkd daemon, thus it actually
can be used to execute commands on your tty as well, taking into consideration
that you should be logged in using a terminal with transmit-back mode.


> Two defenses are:
> 
> Block talk from the border router (not usually a desirable option and will not
>   protect you from internal "attacks")
> 
> Turn off talk requests (mesg n)
> 

Or, a better approach would be to strip off escape sequences from talkd daemon.

---Me.

Next message: Jas: "Re: "Flash"??"
Previous message: Scott Schwartz: "Re: disabling login in V1 #14"
Maybe in reply to: That Whispering Wolf...: ""Flash"??"
Next in thread: Jas: "Re: "Flash"??"