Duplicating ASCII bel in the tty driver (was Re: Changing tty drivers)

Carl Edman cedman at lynx.ps.uci.edu
Wed Oct 24 10:23:32 AEST 1990 

In article <503 at vtserf.cc.vt.edu> valdis at wizards.vt.edu (Valdis Kletnieks) writes:
   In article <CEDMAN.90Oct23083648 at lynx.ps.uci.edu>, cedman at lynx.ps.uci.edu (Carl Edman) writes:
   |> No, no , no, no ! You didn't read what I wrote I explicitly stated that
   |> this would only apply to fixed hardwired "dumb" terminals in public
   |> access areas. There it is that the problem of spoofs is the greatest
   |> and where this feature would be most effective. On this kind of terminal
   |> NO compilcated file transfer protocoll is going to run and the system
   |> managers will know the kind of terminals they have well enough to
   |> always install the right bell character.
   |> 
   |> On the other hand, for dialup lines on which most file transfer protocolls
   |> are run there is little (altough not no) chance of spoofs. So this
   |> would NOT apply to them.

   For the terminally dense among us, explain why a dialup line has less chance
   of a spoof.  I know if *I* were a hacker trying to get a password, I'd
   rather attack the dialup lines, and suck in the password from somebody who
   rates a terminal at home, than glom onto a password from some weenie who
   is still trying to figure out that editors are used to modify files.

   Dial in, run your program (remember to block SIGHUP), and hang up.  Better
   chance of getting an "interesting" password, and no eyewitnesses ("Yeah, this
   geeked-out hacker type was there - 5'6, 175, brown hair, scar on left cheek,
   answered to the name of "Rover".....").  
Please notice: I did not say that spoofs over dialup lines are impossible.
Only harder. Yes, you and I know how to get around that minor problem,too,
but the C-in-2-weeks loser, who has just learned how to use printf and
scanf (that is all it takes to write a spoof on a hardwired terminal) doesn't.
And spoofs on dialup lines are easier to combat. One simple (but brutal)
way is to make SIGHUP non-catchable. Other, more sophisticated ways include
sending all output of programs after SIGHUP to /dev/null. Experienced
sys admins will come up with dozen of other (indoubitably better) solutions.

   Saying "There's little chance of spoofs, so we won't bother checking for them"
   is just ASKING for trouble.  It's like saying "Well, we're a bank, and since
   80% of all bank robbers come in the front door, we'll only put security cameras
   out front, and hope we dont get hit by the 20% that sneak in the back..."
I didn't suggest doing NOTHING about them. I merely said that the
simple and IMHO clever proposal to double ^G, shouldn't be applied
to dialup lines. The reason why this is so have been discussed to death
in this thread. Maybe (No, Certainly) there are other ways to combat
spoofs there. You misunderstand my position. There are people here who
argue that there should be NO cameras anywhere, because they wouldn't
work at the back door. I am arguing that it would be a good start
to put cameras at the front door, as they will work without problems
there. Agreed ?

	Carl Edman


Theorectial Physicist,N.:A physicist whose   | Send mail
existence is postulated, to make the numbers |  to
balance but who is never actually observed   | cedman at golem.ps.uci.edu
in the laboratory.                           | edmanc at uciph0.ps.uci.edu

More information about the Comp.unix.internals mailing list