Quick & Dirty README

This is a quick hack to make talkd block incoming 'flash' bombs,
make a log entry in syslog about the flash, and execute an external
script /etc/flash.mail

You can change the filename of the script that is called if you like,
it's in process.c.

The script is called with $1 being the resolved hostname of the
IP address that the 'flash bomb' came from.

An example script is included. I use this script on my box to send
mail to root@$1 about the flash.  I thought about perhaps hacking together
a more elaborate #!/bin/sh script to perform a 'whois' on the _domain_
of the caller's address and grep out the Administrative Contact's email
address so I can CC: them a copy of this automated message :-)  If you
find yourself bored and hack together something like this, mail me a copy.

The following are some commands you can type as root to get everything
installed and working right away:

mv /usr/sbin/in.talkd /usr/sbin/in.talkd_lameware
strip talkd
mv talkd /usr/sbin/in.talkd
chown bin.bin /usr/sbin/in.talkd
chmod 0500 /usr/sbin/in.talkd
mv flash.mail /etc
chown bin.bin /etc/flash.mail
chmod 0500 /etc/flash.mail

Make sure /etc/inetd.conf has a couple entries that look like this:
talk    dgram   udp     wait    root    /etc/tcpd       in.talkd
ntalk   dgram   udp     wait    root    /etc/tcpd       in.talkd

Your tcpd may be located in /usr/sbin, however. Just change it
accordingly.  After this is done, send a kill -HUP your inetd
server and you should be happily protected against flashing
losers.

Flames -> /dev/null
Questions/Comments -> george@i.am.lame.org

-George Shearer
