Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1995_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1995: rlogin can be used to change finger information

rlogin can be used to change finger information

Bonfield James (jkbmrc-lmb.cam.ac.uk)
Fri, 2 Jun 1995 11:52:36 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michael J. Covington: "Re: login can be used to hide from finger under SunOS 4.13u1"
Previous message: Casper Dik: "Re: login can be used to hide from finger under SunOS 4.13u1"
Next in thread: Casper Dik: "Re: rlogin can be used to change finger information"

The recent note about hiding from finger reminded me of a problem with rlogin
on some systems (not SunOS 4 or Solaris 2 it seems).

When the -l -froot flaw was noticed I quickly realised that whilst few systems
suffered from -froot, more suffered from -hhostname (including OSF/1 V3.0,
Concentrix 3.0.00).

On such systems an 'rlogin machine -l -hhostname' will write 'hostname' to the
last log information rather than your real hostname. This shouldn't pose
problems to those using the tcp wrappers though (I prefer these to wtmp any
way as the fields in wtmp are just too short).

	James

Next message: Michael J. Covington: "Re: login can be used to hide from finger under SunOS 4.13u1"
Previous message: Casper Dik: "Re: login can be used to hide from finger under SunOS 4.13u1"
Next in thread: Casper Dik: "Re: rlogin can be used to change finger information"