Re: [SLUG] Answer + Disappointment
begin Rob B quotation: When I was working in the support section of an ISP, we routinely used a ping with this command (in hex) as payload to hang up customers with only one phone line :) We found that the only modems that it wouldn't work on were the US Robotics - based ones, pretty much everything else was disconnected by it. Interesting -- but that makes sense. (And I've always told people, if they ask my opinion about modems, to get a USR V.Everything external, and even then to not rest content until they'd optimised its S-registers.[1]) You're probably aware of the key point, here, but others may not be: That trick works because the modem _retransmits_ what was furnished to it in the ping command. In other words, the modem can receive escape sequences all day long with no effect (e.g., in e-mail), and not respond no matter how badly set up, but must be maneouvered into transmitting them. It's been years since I last even thought through the mechanics of this, honestly. [1] http://linuxmafia.com/~rick/faq/#whichmodem -- Cheers, The cynics among us might say: We laugh, Rick Moen monkeyboys -- Linux IS the mainstream UNIX now! [EMAIL PROTECTED] MuaHaHaHa! but that would be rude. -- Jim Dennis -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
When I was working in the support section of an ISP, we routinely used a ping with this command (in hex) as payload to hang up customers with only one phone line :) We found that the only modems that it wouldn't work on were the US Robotics - based ones, pretty much everything else was disconnected by it. Now THIS give me several evil ideas.:-) -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
RE: [SLUG] Answer + Disappointment
A month to do it is childish but for 2 years now http://bad.debian.net/list/1999-October/000583.html BTW I'm not on a modem so I can't test mm Chris -Original Message- From: DaZZa [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 11, 2001 9:06 AM To: [EMAIL PROTECTED] Subject: Re: [SLUG] Answer + Disappointment On Mon, 10 Sep 2001, Charles U Farley wrote: I'm happy to paint you as a villain Rick, as I'm sure many of this lists modem users are. Yes you've annoyed me personally, does + + + ath ring any bells in your juvenile head. For those of you lucky enough to be unaware, Rick decided to include the command to hangup a modem in the headers of several recent emails to this list. I'll bet there are other recipients not yet back on the list, still trying to figure out why their ppp connection fails every time they download their mail. Only those who have cheap junk modems, or who don't know how to set them up properly. There's a simple AT command that's valid on all modems which even pretend to match the Hayes command set which disables this possibility. Of course, good modems who actually license the Hayes command set accordingly don't have this problem. Reference http://cert.uni-stuttgart.de/archive/bugtraq/1998/09/msg00209.html Rick, you are a villain and a nuisance and because I know this to be true, this post is anonymous. Certainly, it's childish and a nuisance - but villainous? DaZZa -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
This one time, at band camp, Booth, Christopher (Aus) - ATP wrote: A month to do it is childish but for 2 years now I missed all of this lovely thread, but my 2c: ATS2=255 For those who don't know the Hayes command set, this changes the escape character from '+' to ASCII 255, which has a reduced chance of someone including it in their mails. As far as I can see it, there is a workaround for this modem bug, so rather than complain about it when someone does it on a mailing list, protect yourself from it. Security doesn't stop at the IP stack. -- [EMAIL PROTECTED]http://spacepants.org/jaq.gpg Balial This port may thing it's fortified, butt I seem to be mounting a pretty good assault -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
begin Booth, Christopher (Aus) - ATP quotation: A month to do it is childish but for 2 years now http://bad.debian.net/list/1999-October/000583.html BTW I'm not on a modem so I can't test My goodness: People have been throwing that ancient gag around for a _lot_ longer than two years. It's been used on the Net and BBSes to troll the um... credulous for decades. -- Cheers,Why, yes, _of course_ I'm an elitist. Rick Moen Isn't everyone? [EMAIL PROTECTED] -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
begin DaZZa quotation: Only those who have cheap junk modems, or who don't know how to set them up properly. Well, look, folks, I hate to have to spell it out for you guys, but... Have you ever looked, raw, at a binary file, e.g. cat'ed it to screen by accident? That sort of stuff is, of course, what comes whizzing past your modem every time you, for example, transfer a binary file over a telephone line. You will note that you can find just about any pattern you please of characters in there, if you scroll far enough -- rather like looking for patterns in clouds, except with less healthy exposure to the outdoors. So -- and I figure _some_ of you must surely see where I'm going with this -- a surprisingly large portion of the time, you can find odd little strings like +++ath. Now, ask yourself, if modems were to hang up the line every time they happened to run across such a string by chance, would even the dimmest customers keep them for more than about a week before throwing them in the rubbish? I think not. Even junky, cheap winmodems aren't _that_ pathetic. So, if you think modems all over the Internet are getting slammed off the line every one of the quite frequent times they encounter +++ and ath sequences, you really need to think again. But certainly you shouldn't take my word for it. By all means, have a blast trying to find and test modems that _are_ that pathetic. But, in any event: YHBT. YHL. HAND. -- Cheers, SPAM SPAM SPAM SPAM! Rick Moen SPAM SPAM SPAM SPAM! [EMAIL PROTECTED] (_Nobody_ expects the Spammish Repetition!) -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
On Tue, Sep 11, 2001 at 11:53:04AM +1000, DaZZa wrote: On Mon, 10 Sep 2001, Rick Moen wrote: Only those who have cheap junk modems, or who don't know how to set them up properly. Well, look, folks, I hate to have to spell it out for you guys, but... Please, spell. I'm anxious to see how good your english is. Have you ever looked, raw, at a binary file, e.g. cat'ed it to screen by accident? That sort of stuff is, of course, what comes whizzing past your modem every time you, for example, transfer a binary file over a telephone line. You will note that you can find just about any pattern you please of characters in there, if you scroll far enough -- rather like looking for patterns in clouds, except with less healthy exposure to the outdoors. There's a couple of things wrong with this assumption. 1) The chance of a combination of binary code coming out in the exact format of +++ath0 is literally staggering. Winning lotto, by comparison, would be an every day event. Yes, 1 in 72057594037927936. Stephen -- Stephen Norris[EMAIL PROTECTED] Farrow Norris Pty Ltd +61 417 243 239 -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
* This one time, at band camp, Stephen Robert Norris said: Yes, 1 in 72057594037927936. Please, take it to slug-chat if you must keep it up. Thanks -- Greeno [EMAIL PROTECTED] GnuPG Key : 1024D/B5657C8B Key fingerprint = 9ED8 59CC C161 B857 462E 51E6 7DFB 465B B565 7C8B Imagine working in a secure environment and finding the string _NSAKEY in the OS binaries without a good explanation -Alan Cox 04/05/2001 -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
On Tue, 11 Sep 2001, Stephen Robert Norris wrote: On Tue, Sep 11, 2001 at 11:53:04AM +1000, DaZZa wrote: On Mon, 10 Sep 2001, Rick Moen wrote: Only those who have cheap junk modems, or who don't know how to set them up properly. Well, look, folks, I hate to have to spell it out for you guys, but... Please, spell. I'm anxious to see how good your english is. Have you ever looked, raw, at a binary file, e.g. cat'ed it to screen by accident? That sort of stuff is, of course, what comes whizzing past your modem every time you, for example, transfer a binary file over a telephone line. You will note that you can find just about any pattern you please of characters in there, if you scroll far enough -- rather like looking for patterns in clouds, except with less healthy exposure to the outdoors. There's a couple of things wrong with this assumption. 1) The chance of a combination of binary code coming out in the exact format of +++ath0 is literally staggering. Winning lotto, by comparison, would be an every day event. Yes, 1 in 72057594037927936. or more nicely 2 ^ 56. Which means in every 16.7 million 4 gig chunks of data you download you will see 1 of these. Which you might get away with on a cable modem it would take around 39846.04579829 (assuming I got my maths right)[1] years to encounter that string randomly. Benno. [1] (2.0 ** 56) / (56 * 1024) / 60 / 60 / 24/ 365 39846.04579829 -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
begin DaZZa quotation: 1) The chance of a combination of binary code coming out in the exact format of +++ath0 is literally staggering. Winning lotto, by comparison, would be an every day event. Um, no, it's not. Or, at least, it would seem that you don't transfer very much data, if that is your experience. And, besides, I believe the Chicken Little who posted earlier was in fact claiming that +++ by itself was evil nasty sinister villainous stuff. By the way, I hope you're collecting reports of all those (ahem!) hordes getting their modems dropped off every time I (or you) type +++ath. Fun conjuring up imaginary conspiracies to destroy the world, isn't it? 2) IP transfers are, by design, inherently unencrypted. That's vague enough to be arguably correct, yes. Which means that if the text +++ath0 is sent, that's exactly what you see. I assume you mean in a telnet session, http transfer, or the like. Yes. But our resident Chicken Little alleges that this triggers hang-ups on some unspecified (possibly hypothetical) modems that he's terribly, terribly worried about. Exceptions to this are, of course, things like ssh, IPSec etc, which perform some 3des encryption on the enclosed text/data. Yes, but what was your point? You didn't actually state one. (Further, of course, the _encrypted_ data streams can and do work out to resemble arbitrary random data streams, including the likes of +++ and such.) I'll run my sniffer on all my modem traffic for as long as it has buffer space for. If you can find one instance of +++ath0 in the capture _except where it's specifically intended to be there_, like in this message, I'll give you my modem. I don't want your modem, but you're certainly free to do that. But you appear to be rather confused about this matter, since what you're looking for wouldn't demonstrate anything of interest. These days, no. Most modern modem manufacturers actually pay Hayes an appropriate licenseing fee, and avoid the bug. I hate to have to tell you this, but there is no Hayes, any more. And the patented pause, +++, pause method was _hardly_ the only possible method of performing command escapes. However, there are still modem manufacturers who don't - and for whom this bug is still very real. Please feel free to send details. Their customers must have a really busy time, dealing with randomly encountered +++ and 'ath sequences. It's not as hard as you think. In fact, I undertook just this exercise not so long ago as a result of having exactly your argument with someone elsewhere - and found myself red faced and with my foot in my mouth at the percentage of modems which actually _do_ respond. Well, feel free to shovel your data over here. It might be interesting reading. Or not. -- Cheers, Everything is gone; Rick Moen Your life's work has been destroyed. [EMAIL PROTECTED] Squeeze trigger (yes/no)? -- David Carlson (winner, haiku error message contest) -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
On Tue, 11 Sep 2001 12:06, Stephen Robert Norris wrote: 1) The chance of a combination of binary code coming out in the exact format of +++ath0 is literally staggering. Winning lotto, by comparison, would be an every day event. Yes, 1 in 72057594037927936. Out of interest, how many possible chars is this based on? 128!/7!*121! = 9.45257952E10 256!/7!*249! = NaN ( on a 64 bit double.. That's HUGE! ) -- Kaufman's First Law of Party Physics: Population density is inversely proportional to the square of the distance from the keg. -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
maths, was Re: [SLUG] Answer + Disappointment
On Tue, 11 Sep 2001, Ben Leslie wrote: 1) The chance of a combination of binary code coming out in the exact format of +++ath0 is literally staggering. Winning lotto, by comparison, would be an every day event. Yes, 1 in 72057594037927936. or more nicely 2 ^ 56. Which means in every 16.7 million 4 gig chunks of Whoa! Whoa! Stop right there guys. You are all making one huge assumption that the data is random. And thats just plain wrong. None of your numbers are at all meaningful, given that one little oversight. -- Mike Holland [EMAIL PROTECTED] --==-- Everybody is talking about the weather but nobody does anything about it. -- Mark Twain -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
winbind was: [SLUG] Answer + Disappointment
On Mon, Sep 10, 2001 at 07:28:27PM +1000, Jeff Waugh wrote: quote who=Andre Pang Somebody have a good docs/HOWTO about mapping users in NT to the Linux? in another note, please learn how to find out the information yourself via google/HOWTOs/etc. just as an exercise, i typed in map usernames from windows to linux with samba into google and it was third hit. [snip] Back to our regularly scheduled program: Phillipus, you can find out more about Winbind here: http://open-projects.linuxcare.com/research-papers/winbind-08162000.html There's also a fair bit of documentation in the tarball itself. Keep in mind that you'll have to deal with PAM issues, as well as all the usual Windows authentication issues, so you may want to familiarise yourself with it too. Winbind lets you basically ignore the linux machine's authentication system, letting the PDC handle it all. You might also want to look at pam_smb, which is less flexible, but quicker to set up and deal with for smaller tasks. You may find that that if you need winbind you'll have an easier time in using it once samba 2.2.2 is out. That looks like it'll be sometime this month. Anand -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
- Original Message - From: DaZZa [EMAIL PROTECTED] To: Alister Waller [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, September 11, 2001 9:15 AM On Mon, 10 Sep 2001, Alister Waller wrote: # start curiosity Did this affect both Linux and Windows users? # end curiosity It's OS independant. However, it *is* modem dependant. I posted a reference page - a little google searching for ping+ath0 will find more. DaZZa When I was working in the support section of an ISP, we routinely used a ping with this command (in hex) as payload to hang up customers with only one phone line :) We found that the only modems that it wouldn't work on were the US Robotics - based ones, pretty much everything else was disconnected by it. Cheers, Rob -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
On Mon, 10 Sep 2001, Charles U Farley wrote: I'm happy to paint you as a villain Rick, as I'm sure many of this lists modem users are. Yes you've annoyed me personally, does + + + ath ring any bells in your juvenile head. For those of you lucky enough to be unaware, Rick decided to include the command to hangup a modem in the headers of several recent emails to this list. I'll bet there are other recipients not yet back on the list, still trying to figure out why their ppp connection fails every time they download their mail. Only those who have cheap junk modems, or who don't know how to set them up properly. There's a simple AT command that's valid on all modems which even pretend to match the Hayes command set which disables this possibility. Of course, good modems who actually license the Hayes command set accordingly don't have this problem. Reference http://cert.uni-stuttgart.de/archive/bugtraq/1998/09/msg00209.html Rick, you are a villain and a nuisance and because I know this to be true, this post is anonymous. Certainly, it's childish and a nuisance - but villainous? DaZZa -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
On Mon, 10 Sep 2001, Alister Waller wrote: # start curiosity Did this affect both Linux and Windows users? # end curiosity It's OS independant. However, it *is* modem dependant. I posted a reference page - a little google searching for ping+ath0 will find more. DaZZa -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Answer + Disappointment
On Mon, 10 Sep 2001, Rick Moen wrote: Only those who have cheap junk modems, or who don't know how to set them up properly. Well, look, folks, I hate to have to spell it out for you guys, but... Please, spell. I'm anxious to see how good your english is. Have you ever looked, raw, at a binary file, e.g. cat'ed it to screen by accident? That sort of stuff is, of course, what comes whizzing past your modem every time you, for example, transfer a binary file over a telephone line. You will note that you can find just about any pattern you please of characters in there, if you scroll far enough -- rather like looking for patterns in clouds, except with less healthy exposure to the outdoors. There's a couple of things wrong with this assumption. 1) The chance of a combination of binary code coming out in the exact format of +++ath0 is literally staggering. Winning lotto, by comparison, would be an every day event. 2) IP transfers are, by design, inherently unencrypted. Which means that if the text +++ath0 is sent, that's exactly what you see. Exceptions to this are, of course, things like ssh, IPSec etc, which perform some 3des encryption on the enclosed text/data. So -- and I figure _some_ of you must surely see where I'm going with this -- a surprisingly large portion of the time, you can find odd little strings like +++ath. Now, ask yourself, if modems were to hang up the line every time they happened to run across such a string by chance, would even the dimmest customers keep them for more than about a week before throwing them in the rubbish? I think not. Even junky, cheap winmodems aren't _that_ pathetic. You are kidding yourself. Tell you what. I'll run my sniffer on all my modem traffic for as long as it has buffer space for. If you can find one instance of +++ath0 in the capture _except where it's specifically intended to be there_, like in this message, I'll give you my modem. So, if you think modems all over the Internet are getting slammed off the line every one of the quite frequent times they encounter +++ and ath sequences, you really need to think again. These days, no. Most modern modem manufacturers actually pay Hayes an appropriate licenseing fee, and avoid the bug. However, there are still modem manufacturers who don't - and for whom this bug is still very real. But certainly you shouldn't take my word for it. By all means, have a blast trying to find and test modems that _are_ that pathetic. It's not as hard as you think. In fact, I undertook just this exercise not so long ago as a result of having exactly your argument with someone elsewhere - and found myself red faced and with my foot in my mouth at the percentage of modems which actually _do_ respond. DaZZa -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
