|
Preventing local users from "text flooding" a terminal (DoS attack)...
Hi. I am having a problem. A friend and I keep going back and forth in our college Linux class, seeing which one can own the local server/network. There are approximately 20 users on the Red Hat 7.1 system, none of which have root privileges.
My friend recently took back the server my from grips by creating a process to TEXT FLOOD my terminal anytime I log onto the system. I cannot figure out a way to circumvent this problem and block the incoming DoS attack. CTRL-C/X doesn't do anything and the text keeps on flooding. As we do not reveal each others secrets, I assume that he has written a script to output the contents of a file continuously....something like "cat flood.txt | write user_name", which takes advantage of the fact that the WRITE command is allowed. Is there anyway to block this sort of activity? When I secretly logged on as another user in the class (to avoid flooding), I exploited the KMOD/PTRACE vulnerability to get root on the local system and swiftly kill -9'd all his processes to regain control. The problem is that even if I have root privileges, his script still sees my user name logged on and continuously floods me... Your help would be greatly appreciated ;-) Kris Hermansen |
man mesg
|
Great dude...that is really helpful. At least I can stop the flooding now ;-) just "mesg n" should do the trick (if anyone else is reviewing this post and doesn't actually want to RTFM). This will stop all WRITE command usage to my screen.
BUT, what if they choose to use wall, talk, or echo to my tty terminal device? Is there any way to prevent all of these as well??? Thanks... Kris Hermansen |
| All times are GMT -5. The time now is 05:21 PM. |