Mail Archives: opendos/1997/03/11/21:28:27
Dennis Holley wrote:
>
> Mike and others familiar with the OpenDos kernel,
>
> The Net Send command has enough minor flaws in its function to make it
> a nuisance in an educational lab environment at the high school level
> (for example, you can easily use a purposely failed login attempt to
> masquerade as another user & then do a profane Net Send All).
>
> Do you know of a way to deal with this other than Net Receive Off? Is
> it necessary to obtain a recompiled command.com with this function
> removed in order to negate this command? Know of any tricks?
This is actually not in the OpenDOS kernel, but is a feature of
Personal NetWare. The NET SEND command actually transmits a
single IPX packet to all of the machines where it has detected users,
on a specific IPX socket, I believe. It may be possible to write
a (very) short program to close that socket, which would
make it impossible to receive the messages on that machine.
The VLM.EXE program (and it's subordinates) actually receives the
message, displays it on the screen, and waits for a keystroke.
After the special program was run, it would be impossible to re-open the
socket on behalf of VLM.EXE, without a REALLY good understanding
of IPX internals. The students would have an easier time disabling
the program in the first place. Whether this system would work
would depend on whether the students were allowed to reconfigure
the AUTOEXEC.BAT or other parts of the system and reboot, to avoid
loading the program which closed the socket. You could probably
"hide" the program somewhere during bootup, and have it produce
no output, to make it a little more difficult to track down.
Either that, or give it a name which no student would want to mess with,
like EMM388.EXE, and precede it with distracting comments like:
Rem This next line is required to enable upper network memory blocks
Writing the program to close the socket is trivial, if you know
the socket - which, unfortunately I can't remember off the top
of my head right now. I believe its the third socket of three
dynamic ones allocated by VLM.EXE on startup.
A second idea also occurs to me. VLM.EXE (or more likely PNW.VLM)
could be patched to never open the socket in the first place.
With the sources, it would be fairly easy to create such a patch.
Then you would use this special patched version of the client
on the public machines at your school. I don't know if the
source release of OpenDOS will include VLM source or not.
I kind of doubt it.
Hope this helps.
Tim Bird
- Raw text -