LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-23-2003, 09:28 PM   #1
khermans
Member
 
Registered: Sep 2001
Distribution: Ubuntu, Debian, Gentoo
Posts: 162

Rep: Reputation: 30
Preventing local users from "text flooding" a terminal (DoS attack)...


Hi. I am having a problem. A friend and I keep going back and forth in our college Linux class, seeing which one can own the local server/network. There are approximately 20 users on the Red Hat 7.1 system, none of which have root privileges.

My friend recently took back the server my from grips by creating a process to TEXT FLOOD my terminal anytime I log onto the system. I cannot figure out a way to circumvent this problem and block the incoming DoS attack. CTRL-C/X doesn't do anything and the text keeps on flooding. As we do not reveal each others secrets, I assume that he has written a script to output the contents of a file continuously....something like "cat flood.txt | write user_name", which takes advantage of the fact that the WRITE command is allowed. Is there anyway to block this sort of activity?

When I secretly logged on as another user in the class (to avoid flooding), I exploited the KMOD/PTRACE vulnerability to get root on the local system and swiftly kill -9'd all his processes to regain control. The problem is that even if I have root privileges, his script still sees my user name logged on and continuously floods me... Your help would be greatly appreciated ;-)

Kris Hermansen
 
Old 09-24-2003, 02:34 AM   #2
m0rl0ck
Member
 
Registered: Nov 2002
Distribution: A totally 133t distro :)
Posts: 358

Rep: Reputation: 31
man mesg
 
Old 09-24-2003, 08:56 AM   #3
khermans
Member
 
Registered: Sep 2001
Distribution: Ubuntu, Debian, Gentoo
Posts: 162

Original Poster
Rep: Reputation: 30
Great dude...that is really helpful. At least I can stop the flooding now ;-) just "mesg n" should do the trick (if anyone else is reviewing this post and doesn't actually want to RTFM). This will stop all WRITE command usage to my screen.

BUT, what if they choose to use wall, talk, or echo to my tty terminal device? Is there any way to prevent all of these as well??? Thanks...

Kris Hermansen
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Sendmail "Permission denied" for local users kassemi Linux - Software 5 11-14-2013 04:47 AM
Cedega from Fat32 (Invalid path "." given for "--use-dos-cwd") bdox Linux - Software 0 03-30-2005 12:24 PM
Cedega and Fat32 (Invalid path "." given for "--use-dos-cwd") bdox Linux - Games 0 03-26-2005 03:48 AM
difference between "Web server local URL" and "IPv4 address"? kpachopoulos Linux - General 2 09-17-2004 02:30 PM
How to safe from "DOS" Attack johnlee Linux - Security 1 01-06-2002 06:19 AM


All times are GMT -5. The time now is 09:46 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration