[1222] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] telnetd/telnetsnoopd (was Re: libc 5.4.7)

daemon@ATHENA.MIT.EDU (Miquel van Smoorenburg)
Mon Oct 14 19:41:36 1996

From: Miquel van Smoorenburg <miquels@cistron.nl>
To: rosc@fbn.globalent.net (Roscinante)
Date: Mon, 14 Oct 1996 22:45:12 +0200 (MET DST)
Cc: apenwarr@foxnet.net, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.95.961013162426.31038A-100000@fbn.globalent.net> from "Roscinante" at Oct 13, 96 04:28:45 pm

You (Roscinante) wrote:
> On Sun, 13 Oct 1996, Avery Pennarun wrote:
> > I did some hacking on ttysnoop a while back, and it seems to me that =
the
> > only required change to telnetd was to make it call "ttysnoops" (noti=
ce the
> > trailing 's') instead of "login" after the connection was established.
>=20
> > To avoid recompiling telnetd all the time, someone might add a
> > command-line parameter that tells telnetd what login program to use.=20
> > Hard-coding it in always seemed kind of silly to me.

Funny, on Debian-1.1.10:

       telnetd - DARPA TELNET protocol server

SYNOPSIS
       /etc/telnetd  [-debug  [port]] [-l] [-L login_program] [-D
       options] [-D report] [-D exercise] [-D netdata]  [-D  pty=AD
       data]

The "-L" option does what you want. Strange that different distributions
have different versions of something as "standard" as telnetd. AFAIK
the Debian telnetd does have all the security fixes in it. Please
correct me if I am wrong!

Mike.
--=20
   Miquel van      | Cistron Internet Services   --    Alphen aan den Rij=
n.
   Smoorenburg,    | mailto:info@cistron.nl          http://www.cistron.n=
l/
miquels@cistron.nl |           The truth is out there. 42.

home help back first fref pref prev next nref lref last post