Be aware that there was a bug in the antiflash hate mail talkd where any command could be run as the id talkd was running under. I dont recall if this was discussed here, but it was in linux-security. Basicly the program uses a system call (*sic*) to send the hate mail. It does not check the address its mailing to and it could be a string such as satan@bi.fish.com;echo "Satan has back" > /vmlinux well you get the idea... 8) "Use to source Luke" On Mon, 24 Apr 1995, Richard Allen wrote: > > I have recived quite alot of mail regarding my request for a talk daemon > that can remove those annoying flashes. Apparently this is a hot issue, > many people sent me Email saying that they where interested in this matter. > > > Here are the most interesting replys I have recived so far. > > sameer <sameer@c2.org> wrote: > > > I hacked up ntalkd to make flashes useless. (It just checks to > > see if every character works in isprint() -- if not then it prints - > > instead of thata character..) I also hacked ntalkd to do filtering > > based on remote user and remote site. (Controlled by a file > > ~/.talkdrc) > > I couldn't find source to talkd which would work thogh so I > > couldn't hack talkd. Only ntalkd. > > It didn't do logging of flashes. > > > > "Martin J. Laubach" <mjl@CSlab.tuwien.ac.at> wrote: > > > I have overhauled a linux talkd to filter control characters > > and log such occurences. It also checks for the calling host > > in the talk packet being the same as the host the packet came > > from and yell if they don't match as well. > > > > It works on OSF/1, probably linux with little modifications. > > > > mjl > > > "James M. Golovich" <statik@squeaky.free.org> wrote: > > > I dont know about for any other operating systems, but for linux, someone > > wrote or edited a talkd that filters them.. You can ftp it from > > sunsite.unc.edu, it is /pub/Linux/system/Network/chat/talkd.bomb_proof.tgz > > I believe there was the source in there.. I am currently running it.. it > > logs them to your syslog like this: > > Apr 19 22:19:26 whitehouse talkd[4694]: blocked > > VT100 BOMB to user: static (apparently from: localhost) > > > > I ran flash localy to the user static.. > > > > hope this helped > > > > Shortly after I sent my request to bugtraq, I got an idea to look around > on my local Linux mirror and found "talkd+antiflash+hatemail.tar.gz" > which basicly filters out flashes and then sends automatic 'hatemail' to > root@remote.site > > However, I ran into problems compiling it on our HP9000's, Linux > apparently has a '<protocols/talkd.h>' in it's system includes. > > Best regards, > Richard Allen > -- > #include <std/sig.h> >