Re: RH Linux telnet problems

From: Alessandro Rubini (rubiniat_private)
Date: Thu Apr 15 1999 - 11:32:10 PDT

Next message: gandalfat_private: "Re: ARP problem in Windows9X/NT"

Previous message: Peter van Dijk: "Re: KKIS.08041999.001.b - security raport - flaws in rpc part of"
Maybe in reply to: Rui Ribeiro: "RH Linux telnet problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

About preventing telnet as root:
> It should issue a error and not ask
> for the password, since otherwise it's defeating the whole purpose
> of denying root telnet access. The purpose, of course, it's
> preventing the raw transmission over the communication media.

The purpose, of course, is preventing "anonymous" root access.  Since
root is is often shared by several people, it's important to know who
is root at a certain time (it may also be a very primitive security
measure over cracker access, but too primitive to be really
successful, imho).

If you want to prevent raw trasmission of passwords, you should
disable telnet and rlogin altogether.

/alessandro

Next message: gandalfat_private: "Re: ARP problem in Windows9X/NT"
Previous message: Peter van Dijk: "Re: KKIS.08041999.001.b - security raport - flaws in rpc part of"
Maybe in reply to: Rui Ribeiro: "RH Linux telnet problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:42:45 PDT