, netbsd-help <netbsd-help@NetBSD.ORG>
From: John Maier <JohnAM@datastorm.com>
List: netbsd-help
Date: 03/01/1995 17:13:00
>Hmmmm dunno about your modems but the Netcomm ones I play with have an
>option for locking the DTE speed (ATRxx where xx sets the DTE speed).
Sorry, the bulk (99%+) of all consumer modems are auto-baud detecting.
Racals, some AT&Ts, (not familiar with Netcomms) and others, have this DTE
lock option. This option is basically only used to solve this problem
with mainframes and UNIX boxes, where the baud of a port is typically
constant. However, on a PC, (for which most modems are typically used)
users might choose just about any speed via their comm program, and the
modem will auto adjust its DTE rate to match. I have hundreds of modem
manuals to prove it.
>Forcing the CD high on an incoming dial up is very very bad practice.
>Envision this:
>Person A logs in via the modem, hacking away finds they need to fix
>something as root.... ok su and away we go. Partway through some line
>crud drops the connection. Person B just happens to dial in at that
>moment - blammo one root shell just waiting to be abused!
Yes I realize this, and should have mentioned this. However, most modems
will pulse CD low when carrier is lost and then go high again. In my case,
long enough for BSD to terminate the session. On a few modems, CD won't
even go back high, which in this case would be nice! If security is a big
issue, this should be tested.
>The dropping of the CD signal will kill any processes associated
>with the dial in session and restarts getty on that line making sure
>the next person gets a login prompt.
>Again if you do not force CD high but lock the DTE speed then you will
>not have this problem because the message will not be produced until
>the connection has been established.
As for the login prompt, a simple <Enter> will get you to a prompt (I've
had to do more to get onto some machines).
I all, Yes I agree, but if you have a modem that doesn't support locked DTE,
you're hosed, so this method is the only option I have found to date.
(Honestly, if I had a modem that supported locked DTE, I'd use it in a
heartbeat!)
If you're concerned about DTE, almost all of the Telebits, and the Motorola
Codex (i.e. 3260 fast) have this option, are cheap and fairly easy to get.
I think hardware availability is the issue here. Most people have Supras,
Intels, Hayes, Practical Peripherals, etc. and want a way to use them
without shelling out lots of money for another modem. Not to mention, all
of the modems that I've seen that support locked DTE are rather pricey
compared to their auto-baud detecting counterparts, and this is a
consideration to those who are using NetBSD as a hobby/learning OS.
Now, if someone would tell me how to initialize the port at a specific baud
rate during boot (in the rc file) this whole security issue would go away!
I guess if I don't get a response, I'll write a small app to accomplish
this feat. Something like:
serialinit -port /dev/tty01 -baud 19200 -initstring ATE0Q1L1&C1&D2S0=1
BTW has anyone been able to set the baud rate in ttys higher than 19200?
I've tried 38,400 and the port doesn't seem to respond (I do have a 16550
and have tested it on a direct connect).
thanks,
jam
**********************************************************************
* John A. Maier * Research Assistant For Datastorm *
* E-mail: johnam@datastorm.com * Technologies Inc. (Procomm Plus) *
**********************************************************************