Bugtraq mailing list archives
Re: RH Linux telnet problems
From: rubini () PROSA IT (Alessandro Rubini)
Date: Thu, 15 Apr 1999 20:32:10 +0200
About preventing telnet as root:
It should issue a error and not ask for the password, since otherwise it's defeating the whole purpose of denying root telnet access. The purpose, of course, it's preventing the raw transmission over the communication media.
The purpose, of course, is preventing "anonymous" root access. Since root is is often shared by several people, it's important to know who is root at a certain time (it may also be a very primitive security measure over cracker access, but too primitive to be really successful, imho). If you want to prevent raw trasmission of passwords, you should disable telnet and rlogin altogether. /alessandro
Current thread:
- Re: RH Linux telnet problems James, Samuel P (Apr 15)
- <Possible follow-ups>
- Re: RH Linux telnet problems Alessandro Rubini (Apr 15)
- Re: RH Linux telnet problems Dalvenjah FoxFire (Apr 15)
- Re: RH Linux telnet problems Jamie Lawrence (Apr 15)
- Re: RH Linux telnet problems John D. Hardin (Apr 15)