|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: login -h
Alexander Haiut (alx
black.BGU.AC.IL)Thu, 8 Dec 1994 12:25:47 +0200 (GMT+0200)
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Jonas Sandberg: "Re: Race conditions"
- Previous message: Walker Aumann: "Re: Race conditions"
- In reply to: Bonfield James: "login -h"
On Wed, 7 Dec 1994, Bonfield James wrote: > ... > Remember the "rlogin -l -froot" type bugs some time ago? At the time I > mentioned that "-l -hhostname" could also be used to spoof hostnames in the > wtmp files. This is still true. The reason I haven't posted again about this > earlier is that we've been having a couple problems ourselves. Using the tcp > wrapper helps things, but it's only just been installed (despite the fact that > I've requested it numerous times). > > A typical spoof would be: > > rlogin targethost -l -htargethost > > Then type in the user and password. It'll then appear to last, who and > probably finger, on targethost that the user has logged in from that system, > not from remotely. > ... okay, 4.1.3_u1 works correct (read: "safe" ;-) in this case, but if talking about spoofing, why not to use the simple trick with C-shell: rsh hostname /bin/csh -bif it logs you in without tty, but also without any entries in [wu]tmp files.. that's all.. --alex. --- Alexander L. Haiut Ben-Gurion University of the Negev, Beer-Sheva, Israel ________________________________________ e-mail : alx
- Next message: Jonas Sandberg: "Re: Race conditions"
- Previous message: Walker Aumann: "Re: Race conditions"
- In reply to: Bonfield James: "login -h"