[645] in testers
vax 7.0A: inetd.conf
daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Thu May 10 13:44:28 1990
Date: Thu, 10 May 90 13:43:25 -0400
From: John T Kohl <jtkohl@ATHENA.MIT.EDU>
To: testers@ATHENA.MIT.EDU
System name: lycus
Type and version: CVAXSTAR 7.0A
Display type: SM
What were you trying to do?
look at the inetd.conf services
What's wrong:
rexec is still in our config files.
What should have happened:
rexec/d is a hole by which password cracking programs can
easily take pot-shots at users passwords. There is no logging of any
attempts to gain access as a user.
None of our software uses rexec, and only one library function in the
4.1-compat section of the library uses it. There is no reason we should
have this running on our machines.
Please describe any relevant documentation references:
rexecd(8), rexec(3)
