
Re: strange log entry

On Thu, May 24, 2001 at 12:43:40AM -0800, Ethan Benson wrote:
> On Thu, May 24, 2001 at 01:34:01AM -0700, Jacob Meuser wrote:
> > On Thu, May 24, 2001 at 01:24:50AM -0400, Ed Street wrote:
> > > Hello,
> > > 
> > > Well first off WHY are you running the rpc stuff?  (i.e. I can root a redhat
> > > 6.x box in under 30 seconds with a rpc exploit from a clean install)  Turn
> > > that stuff OFF.
> > > 
> > Not to start a thread discussing OSes, but ...
> > 
> > OpenBSD ships with rstatd and ruserd enabled by default and according to
> > http://www.openbsd.org/
> > 
> >     "Four years without a remote hole in the default install!"
> >                                              ^^^^^^^^^^^^^^^^
> > Which begs the question, especially since the *BSD's release their
> > sources under BSD style licenses, why does rpc remain a security problem
> > in Linux?  Is it the kernel?  Is it the rpc code?
> because that underlined portion is the key here, OpenBSD keeps the rpc
> stuff turned off by default, thus even if a root hole is found in a
> rpc service (other than portmap) openbsd does not consider that a
> `remote hole in the *default install*'  they are quick to mention this
> every time a hole is found in any daemon OpenBSD ships with but leaves
> off by default.  
BS, when was the last time you installed OpenBSD?  I just did an install
today.  I guarantee portmap, ruserd, and rstatd are enabled by default,
as the installer doesn't even ask what you want to activate, and these
programs are part of the base tarball. 

