Re: I'm a Bastard Operator... From Hell.

2003-07-31 Thread Aaron 
On -5921-Tue, Jul 29, 2003 at 03:57:51PM -0500, Jesse Meyer <[EMAIL PROTECTED]> spake 
thus,
> On Tue, 29 Jul 2003, Aaron wrote:
> 
> > I had someone SSHed into my box the other day (my laptop) while at
> > work and I wanted to screw with him by booting him off. I obviously
> > have root on my box, but I wonder if there is any "official" or
> > "proper" way to make a user leave the system?
> > 
> > Something along the lines of a "kick" is what I'm after. I achieved
> > the same result by killing his topmost bash process, but not only is
> > that probably dangerous and unpredictable, it doesn't let me add a
> > mean message ;-)
> 
> Shouldn't a real BOFH already know this?  :-)
> 
> Off the top of my head, try:
> 
>   1) w | grep yuppyscum to get the terminal number (#)
>   2) echo -e -n 'DIE SCUM!' > /dev/pts/#
>   3) pkill -u yuppyscum
> 
> I'm sure there are more elegant solutions, but I prefer the brute
> forcefulness of this one.  Plus, my way takes all of the user processes.
> :)  No (GNU) screen to the rescue.

That is the first REAL answer I've gotten. I especially like the echo
bit. I will probably not have an application for this, but it's a
wonderful example of how a sysadmin could become a BOFH in real life,
rather than just the *clickity click* abstraction of fiction.


-- 
Aaron Bieber
-
Graphic Design // Web Design
http://www.core-dev.com/
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: I'm a Bastard Operator... From Hell.

2003-07-31 Thread Aaron 
On -5920-Tue, Jul 29, 2003 at 03:53:29PM +0100, Hugh Saunders <[EMAIL PROTECTED]> 
spake thus,
> On Tue, Jul 29, 2003 at 09:32:20AM -0500, Ron Johnson wrote:
> > And, if so, why do you want to "screw with him"?
> he's already said hes a bofh ;-)

Indeed. But only tongue-in-cheek.

In response to Ron, though, yes, he was a valid user. I'm not running
a huge multi-user system on my laptop. In fact, I only have three
users set up on it. I just thought it would be funny, since we were
both sitting in the same office, to kill all of his processes and
wanted an easy way to do it.

But, in the name of further substantiating my cause, I can think of a
few scenarios when the legitimate use of slay would be appropriate.

1) Someone who is a valid user leaves the room with the shell logged
in and someone ELSE (who is not very nice, and therefore does not have
a login of his or her own) does something malicious such as run many
instances of a program.

2) A valid user accidentally causes many instances of something to
run, possibly in the course of doing some development. I have friends
who are still ignorant of tools such as 'killall' or who might not
think of logging into the machine a second time when their first shell
is hung in a loop in order to fix the problem.

Either way, I'm glad to know that slay exists.


-- 
Aaron Bieber
-
Graphic Design // Web Design
http://www.core-dev.com/
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: I'm a Bastard Operator... From Hell.

2003-07-29 Thread Jesse Meyer 
On Tue, 29 Jul 2003, Aaron wrote:

> I had someone SSHed into my box the other day (my laptop) while at
> work and I wanted to screw with him by booting him off. I obviously
> have root on my box, but I wonder if there is any "official" or
> "proper" way to make a user leave the system?
> 
> Something along the lines of a "kick" is what I'm after. I achieved
> the same result by killing his topmost bash process, but not only is
> that probably dangerous and unpredictable, it doesn't let me add a
> mean message ;-)

Shouldn't a real BOFH already know this?  :-)

Off the top of my head, try:

1) w | grep yuppyscum to get the terminal number (#)
2) echo -e -n 'DIE SCUM!' > /dev/pts/#
3) pkill -u yuppyscum

I'm sure there are more elegant solutions, but I prefer the brute
forcefulness of this one.  Plus, my way takes all of the user processes.
:)  No (GNU) screen to the rescue.

~ Jesse Meyer

-- 
 icq: 34583382 / msn: [EMAIL PROTECTED] / yim: tsunad

   "We are what we pretend to be, so we must be careful about what we 
pretend to be." - Kurt Vonnegut Jr : Mother Night


pgp0.pgp
Description: PGP signature

Re: I'm a Bastard Operator... From Hell.

2003-07-29 Thread Hugh Saunders 
On Tue, Jul 29, 2003 at 09:32:20AM -0500, Ron Johnson wrote:
> And, if so, why do you want to "screw with him"?
he's already said hes a bofh ;-)

-- 
hugh


pgp0.pgp
Description: PGP signature

Re: I'm a Bastard Operator... From Hell.

2003-07-29 Thread Ron Johnson 
On Tue, 2003-07-29 at 06:25, Aaron wrote:
> On -5446-Tue, Jul 29, 2003 at 12:41:20AM -0500, Ron Johnson <[EMAIL PROTECTED]> 
> spake thus,
> > On Tue, 2003-07-29 at 00:29, Aaron wrote:
> > > Hey ladies and gents-
> > > 
> > > I had someone SSHed into my box the other day (my laptop) while at
> > > work and I wanted to screw with him by booting him off. I obviously
> > 
> > What's more important is, "How the heck did this person get a
> > valid password for that machine?"
> > 
> > That's what *I* would be concerned about...
> 
> Unfortunately I find it impossible to trust all people. Although the

Yees, but how did the "other person" get a valid password for 
your laptop machine?


> security and preventative measures available to Linux (handed down
> from Unices of lore) are strong, I can't imagine that any system might
> be idiot-proof. What if someone is messing with bash scripting and
> accidentally creates an endless loop spawning mozilla processes? It is
> quite possible that that user might be unaware of 'killall' and
> completely unable to rectify his or her own accident.
> 
> I don't assert that it is likely a sysadmin might have to boot a valid
> user from a system, but since *someone* wrote 'slay' I'm assuming
> there was a need.

Of course a valid userid must be slain occasionally.

This issue, though, is, "I had someone SSHed into my box the other
day".  Was this person authorized to use that userid?

And, if so, why do you want to "screw with him"?  None of your posts
have mentioned whether he was doing anything egregious or not.

-- 
+-+
| Ron Johnson, Jr.Home: [EMAIL PROTECTED] |
| Jefferson, LA  USA  |
| |
| "I'm not a vegetarian because I love animals, I'm a vegetarian  |
|  because I hate vegetables!"|
|unknown  |
+-+



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: I'm a Bastard Operator... From Hell.

2003-07-29 Thread Aaron 
On -5446-Tue, Jul 29, 2003 at 12:41:20AM -0500, Ron Johnson <[EMAIL PROTECTED]> spake 
thus,
> On Tue, 2003-07-29 at 00:29, Aaron wrote:
> > Hey ladies and gents-
> > 
> > I had someone SSHed into my box the other day (my laptop) while at
> > work and I wanted to screw with him by booting him off. I obviously
> 
> What's more important is, "How the heck did this person get a
> valid password for that machine?"
> 
> That's what *I* would be concerned about...

Unfortunately I find it impossible to trust all people. Although the
security and preventative measures available to Linux (handed down
from Unices of lore) are strong, I can't imagine that any system might
be idiot-proof. What if someone is messing with bash scripting and
accidentally creates an endless loop spawning mozilla processes? It is
quite possible that that user might be unaware of 'killall' and
completely unable to rectify his or her own accident.

I don't assert that it is likely a sysadmin might have to boot a valid
user from a system, but since *someone* wrote 'slay' I'm assuming
there was a need.

-- 
Aaron Bieber
-
Graphic Design // Web Design
http://www.core-dev.com/
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: I'm a Bastard Operator... From Hell.

2003-07-29 Thread Jeremy Gaddis 
On Tue, 2003-07-29 at 00:29, Aaron wrote:

> What do sysadmins do if they find a user is doing something malicious
> and they want them gone? From a real world standpoint I can see the
> benefits to having such a capacity, even if my intentions are less
> than noble.

apt-get install slay

j.

-- 
Jeremy L. Gaddis   <[EMAIL PROTECTED]>   



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: I'm a Bastard Operator... From Hell.

2003-07-28 Thread Bob Proulx 
Aaron wrote:
> I had someone SSHed into my box the other day (my laptop) while at
> work and I wanted to screw with him by booting him off.

I assume you had previously given this person a valid login on your
system or otherwise they would not have been able to log in.

> I obviously have root on my box, but I wonder if there is any
> "official" or "proper" way to make a user leave the system?

You might look into 'pkill' with the -u option.

  pkill -HUP -u guest ; sleep 5 ; pkill -KILL -u guest

> Something along the lines of a "kick" is what I'm after. I achieved
> the same result by killing his topmost bash process, but not only is
> that probably dangerous and unpredictable, it doesn't let me add a
> mean message ;-)

It is friendly to kill with SIGHUP so that processes have the
opportunity to clean and not leave temporary files and other trash
hanging around.  Any processes which don't leave within a reasonable
delay can be killed more forcefully.

If you want to send a message then 'wall' and 'write' are the typical
programs.

> What do sysadmins do if they find a user is doing something malicious
> and they want them gone? From a real world standpoint I can see the
> benefits to having such a capacity, even if my intentions are less
> than noble.

If you want them gone then don't forget to prevent them from logging
in again.  And don't forget about any ~/.ssh/authorized_keys files.

  man nologin
  man deluser

Other related programs are 'autolog' and 'timeoutd'.

Bob


pgp0.pgp
Description: PGP signature

Re: I'm a Bastard Operator... From Hell.

2003-07-28 Thread Ron Johnson 
On Tue, 2003-07-29 at 00:29, Aaron wrote:
> Hey ladies and gents-
> 
> I had someone SSHed into my box the other day (my laptop) while at
> work and I wanted to screw with him by booting him off. I obviously

What's more important is, "How the heck did this person get a
valid password for that machine?"

That's what *I* would be concerned about...

-- 
+-+
| Ron Johnson, Jr.Home: [EMAIL PROTECTED] |
| Jefferson, LA  USA  |
| |
| "I'm not a vegetarian because I love animals, I'm a vegetarian  |
|  because I hate vegetables!"|
|unknown  |
+-+



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

I'm a Bastard Operator... From Hell.

2003-07-28 Thread Aaron 
Hey ladies and gents-

I had someone SSHed into my box the other day (my laptop) while at
work and I wanted to screw with him by booting him off. I obviously
have root on my box, but I wonder if there is any "official" or
"proper" way to make a user leave the system?

Something along the lines of a "kick" is what I'm after. I achieved
the same result by killing his topmost bash process, but not only is
that probably dangerous and unpredictable, it doesn't let me add a
mean message ;-)

What do sysadmins do if they find a user is doing something malicious
and they want them gone? From a real world standpoint I can see the
benefits to having such a capacity, even if my intentions are less
than noble.

Thanks ;-)

-- 
Aaron Bieber
-
Graphic Design // Web Design
http://www.core-dev.com/
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]