Re: "Flash"??

John Hawkinson (jhawk@panix.com)
Thu, 18 Aug 1994 20:43:44 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mikolaj Habryn: "Re: "Flash"??"
Previous message: Jas: "Re: "Flash"??"
Maybe in reply to: That Whispering Wolf...: ""Flash"??"
Next in thread: Mikolaj Habryn: "Re: "Flash"??"

> The program forges a talk request and sends VT100 escape codes to cause the
> users screen to become unreadable.
> 
> Two defenses are:
> 
> Block talk from the border router (not usually a desirable option
> and will not protect you from internal "attacks")
> 
> Turn off talk requests (mesg n)

The correct, third, defense, is to modify talkd to rewrite ESC into
caret--left-bracket, or some other harmless sequence. While you're at it,
you'd probably want to have it log whenever it received and ESC from
someone. I haven't gotten around to doing this, but it should be
a fairly trivial patch...

--
John Hawkinson
jhawk@panix.com

Next message: Mikolaj Habryn: "Re: "Flash"??"
Previous message: Jas: "Re: "Flash"??"
Maybe in reply to: That Whispering Wolf...: ""Flash"??"
Next in thread: Mikolaj Habryn: "Re: "Flash"??"