[1222] in linux-security and linux-alert archive
Re: [linux-security] telnetd/telnetsnoopd (was Re: libc 5.4.7)
daemon@ATHENA.MIT.EDU (Miquel van Smoorenburg)
Mon Oct 14 19:41:36 1996
From: Miquel van Smoorenburg <miquels@cistron.nl>
To: rosc@fbn.globalent.net (Roscinante)
Date: Mon, 14 Oct 1996 22:45:12 +0200 (MET DST)
Cc: apenwarr@foxnet.net, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.95.961013162426.31038A-100000@fbn.globalent.net> from "Roscinante" at Oct 13, 96 04:28:45 pm
You (Roscinante) wrote:
> On Sun, 13 Oct 1996, Avery Pennarun wrote:
> > I did some hacking on ttysnoop a while back, and it seems to me that =
the
> > only required change to telnetd was to make it call "ttysnoops" (noti=
ce the
> > trailing 's') instead of "login" after the connection was established.
>=20
> > To avoid recompiling telnetd all the time, someone might add a
> > command-line parameter that tells telnetd what login program to use.=20
> > Hard-coding it in always seemed kind of silly to me.
Funny, on Debian-1.1.10:
telnetd - DARPA TELNET protocol server
SYNOPSIS
/etc/telnetd [-debug [port]] [-l] [-L login_program] [-D
options] [-D report] [-D exercise] [-D netdata] [-D pty=AD
data]
The "-L" option does what you want. Strange that different distributions
have different versions of something as "standard" as telnetd. AFAIK
the Debian telnetd does have all the security fixes in it. Please
correct me if I am wrong!
Mike.
--=20
Miquel van | Cistron Internet Services -- Alphen aan den Rij=
n.
Smoorenburg, | mailto:info@cistron.nl http://www.cistron.n=
l/
miquels@cistron.nl | The truth is out there. 42.