Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!utgpu!water!watnot!watmath!clyde!cbatt!ucbvax!BU-CS.BU.EDU!bzs From: bzs@BU-CS.BU.EDU.UUCP Newsgroups: mod.protocols.tcp-ip Subject: My Broadcast Message-ID: <8704061929.AA18758@bu-cs.bu.edu> Date: Mon, 6-Apr-87 14:29:03 EST Article-I.D.: bu-cs.8704061929.AA18758 Posted: Mon Apr 6 14:29:03 1987 Date-Received: Wed, 8-Apr-87 04:38:15 EST References: Sender: daemon@ucbvax.BERKELEY.EDU Distribution: world Organization: The ARPA Internet Lines: 31 Approved: tcp-ip@sri-nic.arpa From Dennis Perry: >I would like suggestions as to what you, or anyone else, think should be >done to prevent such occurances in the furture. Solution: Edit /etc/servers and remove the rwalld line. This will disable the remote service. The local "write to all users" program, 'wall', can still be used on any individual system. To shout to all systems in an area either have the operators log in and run wall locally or execute it via 'rsh system wall ..msg..' from a locally trusted site (as per the rsh restrictions.) A command file could be created trivially which simulated "rwall" to a selected set of sites: #!/bin/sh echo "Enter message to be sent to all systems (one line)" echo -n 'MESSAGE: ' read msg for i in host1 host2 etc... do rsh $i wall $msg done (I didn't test this, but I think the point is clear.) This can be further enhanced by removing the rwall binary from your systems, but if you don't support the daemon, you're not going to see any broadcasts, so it's under your control. Done. -Barry Shein, Boston University