[39832] in North American Network Operators' Group
RE: 'we should all be uncomfortable with the extent to which luck
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Wed Jul 25 11:49:07 2001
Message-ID: <EA9368A5B1010140ADBF534E4D32C728025A67@condor.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: 'Mitch Halmu' <mitch@netside.net>,
Roeland Meyer <rmeyer@mhsc.com>
Cc: 'k claffy' <kc@ipn.caida.org>, nanog@nanog.org, caida@caida.org
Date: Wed, 25 Jul 2001 08:51:56 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Errors-To: owner-nanog-outgoing@merit.edu
> From: Mitch Halmu [mailto:mitch@netside.net]
> Sent: Wednesday, July 25, 2001 8:30 AM
>
> On Tue, 24 Jul 2001, Roeland Meyer wrote:
>
> > How many of us here run anything less than SSH and even
> allow telnetd to
> > live on any of our hosts?>
>
> Those (few) providers offering shell accounts still do.
Someone once proved to me, definitvely, how easy it is to crack root from a
shell account. Especially one that is allowed to execute their own code.
That night, I killed all shell accounts of users that I didn't personally
know and trust. Those that were left were introduced to SSH. This was
five-years ago.
