
Re: strange log entry



On Thu, May 24, 2001 at 01:34:01AM -0700, Jacob Meuser wrote:
> On Thu, May 24, 2001 at 01:24:50AM -0400, Ed Street wrote:
> > Hello,
> > 
> > Well first off WHY are you running the rpc stuff?  (i.e. I can root a redhat
> > 6.x box in under 30 seconds with a rpc exploit from a clean install)  Turn
> > that stuff OFF.
> > 
> Not to start a thread discussing OSes, but ...
> 
> OpenBSD ships with rstatd and ruserd enabled by default and according to
> http://www.openbsd.org/
> 
>     "Four years without a remote hole in the default install!"
>                                              ^^^^^^^^^^^^^^^^
> Which begs the question, especially since the *BSD's release their
> sources under BSD style licenses, why does rpc remain a security problem
> in Linux?  Is it the kernel?  Is it the rpc code?

Because that underlined portion is the key here. OpenBSD keeps the rpc
stuff turned off by default, thus even if a root hole is found in an
rpc service (other than portmap) OpenBSD does not consider that a
`remote hole in the *default install*'. They are quick to mention this
every time a hole is found in any daemon OpenBSD ships with but leaves
off by default.

-- 
Ethan Benson
http://www.alaska.net/~erbenson/
