Bugtraq mailing list archives

Re: Internet Worm


From: isdmill () gatekeeper ddp state me us (David Miller)
Date: Mon, 17 Oct 1994 16:17:55 -0400 (EDT)


On Mon, 17 Oct 1994, Steve Davis wrote:

Various methods of making users' and administrators' lives a pain
deleted.

Brett Lymn writes:

This should stop the user creating a .rhosts file as there is a
directory there with that name.  

Seems to me that we would all be better served by running daemons that
don't trust the user to determine valid remote authentication.  Why not
fix the r-daemons and login to ignore these files?  This is certainly
possible if a) you have source, and b) you're a competent enough
programmer to #ifdef the necessary bits of code into oblivion.

If you're going to do that, why not just remove the services?  Take them 
out of etc/services and inetd.conf and your problems will all go away:)

What's that you say?  A user can put up the services on his own, just on 
ports > 1024? 

DRAT!  There's always a catch. :)


Unfortunately, a) is rarely true.  It'd be nice if vendors would ship
their products secure.

-- 
                                             Steve Davis <strat () ksu ksu edu>
                                                     Kansas State University


----------------------------------------------------------------------------
                It's *amazing* what one can accomplish when 
                    one doesn't know what one can't do!
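
An added example, not part of the original post or written by its participants: a small POSIX shell audit for the two measures discussed in the thread. It lists r-service entries still enabled in an inetd.conf and reports whether a home directory's .rhosts is a file, a directory or absent. The function names and all sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit helpers for the measures discussed in this thread.

# Print "service server-path" for every enabled (uncommented) inetd.conf
# entry that serves rsh, rlogin or rexec, matched by service or daemon name.
enabled_r_services() {
    awk '
        /^[ \t]*#/ || NF < 6 { next }       # skip comments and short lines
        {
            n = split($6, parts, "/"); prog = parts[n]
            sub(/^in\./, "", prog)          # in.rshd becomes rshd
            if ($1 ~ /^(shell|login|exec)$/ || prog ~ /^(rshd|rlogind|rexecd)$/)
                print $1, $6
        }' "$1"
}

# Classify .rhosts in one home directory. A regular file is what the
# r-daemons would consult; a directory is the blocking trick quoted above.
rhosts_state() {
    p="$1/.rhosts"
    if [ -L "$p" ]; then echo symlink
    elif [ -d "$p" ]; then echo directory
    elif [ -f "$p" ]; then echo file
    elif [ -e "$p" ]; then echo other
    else echo absent
    fi
}

# Demonstration on constructed sample data (not taken from a real host).
demo_dir=$(mktemp -d)
cat > "$demo_dir/inetd.conf" <<'EOF'
ftp     stream  tcp  nowait  root  /usr/sbin/in.ftpd     in.ftpd
shell   stream  tcp  nowait  root  /usr/sbin/in.rshd     in.rshd
#login  stream  tcp  nowait  root  /usr/sbin/in.rlogind  in.rlogind
exec    stream  tcp  nowait  root  /usr/sbin/tcpd        in.rexecd
EOF
mkdir -p "$demo_dir/home/alice/.rhosts" "$demo_dir/home/bob"
echo "trusted.example.org bob" > "$demo_dir/home/bob/.rhosts"

echo "Enabled r-services:"; enabled_r_services "$demo_dir/inetd.conf"
for h in "$demo_dir"/home/*; do
    echo "$(basename "$h"): .rhosts is $(rhosts_state "$h")"
done
rm -rf "$demo_dir"
```
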


