Question about security on a program........

Kimi A. Adams plug-discuss@lists.PLUG.phoenix.az.us
Wed, 09 Jan 2002 07:11:30 -0700


--=======1A566131=======
Content-Type: text/plain; x-avg-checked=avg-ok-524C3D7E; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 8bit

I have Debian loaded on my servers, but I will definitely check to see if 
it's there.  Thanks for the response.

Kimi Adams

At 1/8/02, you wrote:

>On Tue, Jan 08, 2002 at 09:35:27AM -0700, Kimi A. Adams wrote:
> > I have a potential customer requesting a program that I believe will
> > provide security issues.  It's called YTalk, see the link below.
> >
> > http://www.iagora.com/~espel/ytalk/ytalk.html
> >
> > I has lot's of information but since I am unfamiliar with this product, I
> > need to know from the group whether it's a potential problem for security
> > risks.  This person says he dials in with an ISP dial up account, 
> initiates
> > the Ytalk program from his shell account, then "rings" the other party, 
> his
> > friend in Ukrain, and they are connected.  I believe it's sorta like IRC,
> > which is not too much of a problem but I just won't light up "talk" on my
> > servers for obvious reasons.
> >
> > If there is a good way to protect against security risks, I would like to
> > know that as well.  Again and always, I appreciate all comments and info I
> > can get from all of the group.  Thanks.
>
>I used talk/ytalk a bit in college.  It allows you to have a
>split-screen chat session in a terminal, either with people on your
>own machine or people on another machine running a talk daemon.
>
>Since he's initiating the session, the server his friend is on must be
>running a talkd server.  This means that you would need to provide him
>only the ytalk client, not a running talkd server.  The security
>issues involved in running the ytalk client should be roughly
>equivalent to those involved in running an irc client.  (Actually,
>depending on the irc client, they would be somewhat less because ytalk
>does not have scripting functionality or file transfer capability.)
>
>By the way, Red Hat (version 6.2, at least) provides ytalk, so you may
>already have installed it with your distribution.
>
>-Mike
>________________________________________________
>See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't 
>post to the list quickly and you use Netscape to write mail.
>
>PLUG-discuss mailing list  -  PLUG-discuss@lists.PLUG.phoenix.az.us
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
>
>---
>Incoming mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.307 / Virus Database: 168 - Release Date: 12/11/01

--=======1A566131=======
Content-Type: text/plain; charset=us-ascii; x-avg=cert; x-avg-checked=avg-ok-524C3D7E
Content-Disposition: inline


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.307 / Virus Database: 168 - Release Date: 12/11/01

--=======1A566131=======--