lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040318023039.GB15@pobox.com> From: cstone at pobox.com (cstone) Subject: Ancient Trivia: +++ath0 On Wed, Mar 17, 2004 at 08:42:55PM -0500, Luke Scharf wrote: > As the old BBS'ers and even older folks know, the string "+++ath0" will > disconnect a modem. Once upon a time, I had this string in my e-mail > signature. Some folks using Windows and a dialup line couldn't respond > to my e-mail, even though the e-mail was being sent via PPP and all that > good stuff. Everyone could receive the mail, though, so I'm assuming > that the ISP was was running a decent implementation of PPP -- although > since I haven't used modems in years, I can't rule out that the ISP was > using some sort of non-Hayes modem. > Does anyone know what versions of windows had this particular bug in the > PPP implementation? Were any other systems affected? This wasn't a Windows bug; instead, it was a flaw in most non-Hayes* modems. These commands (the +++ escape and ATH0) are only meaningful when they're sent outbound through the modem; this is why everyone was able to read your message, but were unable to reply-- their replies entailed sending the message, +++(command) included, over the wire. If TCP/IP over PPP is involved, there's a chance that the +++ may be split into different packets -- in this case, the data would go through just fine -- but it's more likely that it all gets sent right next to each other when it actually goes through the modem. This has made the rounds of bugtraq and other security forums a few times, usually with mentions of "exploits" involving ICMP echo and/or IRC. (For an example of this, see http://www.geocrawler.com/archives/3/91/1998/9/0/198214/) * = Hayes has a patent on a scheme to protect against unintentional triggering of the escape sequence; on their modems, you have to wait a specific amount of time before and after the +++ before issuing a command.
Powered by blists - more mailing lists