[9] in bugtraq
r commands
daemon@ATHENA.MIT.EDU (Aleph One)
Mon Oct 17 20:01:02 1994
From: aleph1@dfw.net (Aleph One)
To: bugtraq@crimelab.com
Date: Mon, 17 Oct 1994 17:57:49 -0500 (CDT)
Well guess i'll just pitch in my two cents in. If you dont allow
users to set up their own .rhosts files, or you dissable them
compleately. Then you loose what makes the r commands so wanted
by people.... transparency. They like them because they dont have
to type a user name and passwd to log into other machines. Now if
this dissapears then rlogin is a beefed up telnet. Therefore you must
a) Allow you users to use them and simply drop all incoming packets
to any ports where the r deamons hang at the router. or b) dont allow
them at all.
In a university setting a) is probably fine while a bussiness would
probably go with b).
Like I said just my $0.02
a1
http://dfw.net/~aleph1
Uebercrackers Security Web
