
Re: Offering external services, rlogins, smtp etc: how does it work?



Andrew Sullivan [sullivana@bpl.on.ca] wrote:
> On Thu, Jul 06, 2000 at 09:56:11AM +0930, Mark Phillips wrote:
> 
> > 
> > Suppose for example you want to allow external rlogins to your
> > computer.  I presume you modify the inetd.conf file to include the line:
> > 
> > login stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rlogind
> 
> Aaarrgh!  Not the dreaded r-services!  Don't allow them.  Shut them
> off.  They are evil, and a great source of amusement to all
> crackers.  Use ssh, or telnet, if you must (although that's just as
> risky).

I've heard it said that rlogin has security problems, but I don't
understand why?  And surely if there are problems, these would be
fixable?  Isn't Debian supposed to be extra security fix aware?

Now you say to use ssh or telnet, but then say this is just as risky!
Why not use rlogin if it is no more risky than the alternatives?

The point is that I need to offer the functionality of rlogin.  When I
am elsewhere and I want to do a remote login to my machine, then I
need rlogin or some equivalent.  If rlogin is currently insecure, why
don't people make it secure?  What makes it so hard?

Mark.

P.S. Please cc all replies to me as I read this list via the archives,
involving a delay of a few days.

-- 
_/~~~~~~~~\___/~~~~~~\____________________________________________________
____/~~\_____/~~\__/~~\__________________________Mark_Phillips____________
____/~~\_____/~~\________________________________mark@ist.flinders.edu.au_
____/~~\HE___/~~\__/~~\APTAIN_____________________________________________
____/~~\______/~~~~~~\____________________________________________________
__________________________________________________________________________
        "They told me I was gullible ... and I believed them!" 

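A check for the inetd.conf entry discussed above, as an added example that is not part of the original post: it lists r-service entries (login, shell, exec) that are still enabled in an inetd.conf-style file. The function names, the sample file and its `rsh2` service name are constructed for illustration.

```shell
#!/bin/sh
# Added example: report r-service entries that are still enabled in an
# inetd.conf-style file. Field layout per entry:
#   service socket_type protocol wait_flag user server_path [args...]

find_rservices() {
    # $1: path to an inetd.conf-style file
    awk '
        /^[ \t]*#/ { next }   # commented-out entries are disabled
        NF < 6     { next }   # not a complete service entry
        {
            # Standard service names for rlogind, rshd and rexecd
            hit = ($1 == "login" || $1 == "shell" || $1 == "exec")
            # Also catch the daemons when started under another service name
            for (i = 6; i <= NF; i++)
                if ($i ~ /in\.(rlogind|rshd|rexecd)$/) hit = 1
            if (hit) print FILENAME ":" FNR ": " $0
        }
    ' "$1"
}

count_rservices() {
    find_rservices "$1" | wc -l | tr -d " "
}

write_sample() {
    # Constructed sample input; "rsh2" is a made-up service name.
    cat > "$1" <<'EOF'
# constructed inetd.conf sample
login  stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.rlogind
#shell stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.rshd
exec   stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.rexecd
ftp    stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.ftpd
rsh2   stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.rshd
EOF
}

# Usage: sh check_rservices.sh /etc/inetd.conf
if [ "$#" -gt 0 ]; then
    find_rservices "$1"
fi
```

Each reported line is prefixed with the file name and line number, so the entry can be commented out and inetd reloaded.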

