[8170] in bugtraq
Yet more Rconsole.
Mon Oct 12 14:40:02 1998
Date: Fri, 9 Oct 1998 15:00:12 -0700
Reply-To: JB <jb@PRIMENET.COM>
Ok, heres a very simple solution: Buy a switch.
If an administrator is careless enough to rconsole to their server from
a shared hub, where there might be someone sniffing them, then expect
what you get. I can understand the "price" problem of buying a switch
vs. a hub, however, IMO it's a small price to pay for not having to
drive out to a remote site to access my server console. Also, here is
the best way to setup (IPX/SPX) rconsole on Netware 4.x:
At the server prompt:
SERVER:load remote
Enter a password for rconsole> <password>
SERVER:load rspx
SERVER:remote encrypt
Enter a password to encrypt
> <password>
To use this password use the command:
Would you like this command written to SYS:SYSTEM\LDREMOTE.NCF (y/n) <y>
SERVER:load edit ldremote.ncf
In the ldremote.ncf file, you will see the command line from above.
Add the line "LOAD RSPX" underneath the Load REMOTE line. Save the file.
SERVER:load edit autoexec.ncf
Remove any previous references to remote.nlm.
Add a line near the bottom (wherever is appropriate for you):
"ldremote" (without the quotes of course). Save the file.
That's it. Just make sure that in INETCFG, under
Manage Configuration/Configure Remote Access To This Server,
"Remote Access" is set to Disable.
All of this will keep your encrypted password off the public wire,
and warm and cozy in the SYS:SYSTEM directory, where it should be.
Justin Bodlander
Network Systems Engineer
Mesa Public Schools, Mesa, AZ.