For mgetty users with non-trusted shell logins
l41484@alfa.ist.utl.pt (l41484@alfa.ist.utl.pt)
Tue, 26 Jan 1999 23:32:48 +0100
On Tue, 26 Jan 1999, Gert Doering wrote:
> On Tue, Jan 26, 1999 at 06:42:39PM +0100, l41484@alfa.ist.utl.pt wrote:
> > > Basically, this IS the "rlogin" trick.
> >
> > Although I'm not familiar with other technologies and I may be shooting in
> > the dark, there are other ways, things like DEC LAT. No?
>
> Correct. It boils down to: "if there is something under /dev that you
> can open to directly talk to the modem, chances are high that you ARE
> vulnerable, regardless where your modem is physically connected to".
Well, if we fiddle with the S2 register (by disabling the escape
characters), wouldn't we avoid people entering command mode and
thus controlling the matter?
Although I think this would stop the called machine from terminating
the call (with +++ATH). This could be prevented by not disabling the
escape character, but by changing it into something else. Or perhaps
another possibility would be fiddling with &D", the S25 register and a DTR
transition to hang up?
--
Tiago Pascoal (l41484@alfa.ist.utl.pt) FAX : +351-1-7273394
Politically incorrect, and a (not very) prominent member of the "geracao rasca".
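
Added example, not part of the original message: a small audit of a modem init string for the settings discussed above (the S2 escape character, &D handling of DTR, and S25). It assumes Hayes-compatible conventions (S2 defaults to 43, values above 127 disable the escape, &D2 hangs up when DTR drops); the sample strings and function names are constructed for illustration.

```python
import re

# Constructed sample init strings (not from the thread). Assumed Hayes-style
# conventions: S2 default 43 ('+'), S2 > 127 disables the escape sequence,
# &D2 hangs up on a DTR on-to-off transition, S25 is the DTR detect delay.
SAMPLES = {
    "default": "ATE1Q0V1&C1&D2S0=0",
    "escape_disabled": "ATS2=255&D2S25=5",
    "escape_changed": "AT&D0S2=126",
    "stuck": "ATS2=255&D0",
}

def parse_init(init):
    """Extract S-register assignments and the last &D setting from an init string."""
    s = init.upper().replace(" ", "")
    regs = {int(r): int(v) for r, v in re.findall(r"S(\d+)=(\d+)", s)}
    d = re.findall(r"&D(\d?)", s)
    # A bare &D means &D0; None means the string does not set &D at all,
    # so the modem's stored profile decides.
    dtr = int(d[-1] or 0) if d else None
    return regs, dtr

def audit(init):
    """Report escape-character state and whether the host can still end a call."""
    regs, dtr = parse_init(init)
    s2 = regs.get(2, 43)
    if s2 > 127:
        escape = "disabled"      # +++ no longer reaches command mode
    elif s2 == 43:
        escape = "default"       # +++ reaches command mode
    else:
        escape = "changed"       # escape still works, with another character
    dtr_hangup = dtr == 2
    return {
        "escape": escape,
        "escape_char": s2,
        "dtr_hangup": dtr_hangup,
        "dtr_delay": regs.get(25),
        # With the escape disabled, +++ATH is gone; only a DTR drop can hang up.
        "host_can_hang_up": escape != "disabled" or dtr_hangup,
    }

if __name__ == "__main__":
    for name, init in SAMPLES.items():
        print(name, audit(init))
```
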