OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Carr, Aaron [CNTUS] (CarrACentocor.com)
Date: Fri Sep 21 2001 - 08:18:46 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Here are a couple things.

    First /etc/rc.d/init.d/telnetd stop
    Next rpm -e telnet-server
    Next Install SSH

    Also, just a personal opinion....While the thought of having custom error
    messages for failed logon attempts, and failed port connection attempts
    might sound cool and fun now....chances are that eventually you're going to
    end up pissing someone off to the point that they will wait and watch until
    a new exploit comes out and nail you just because you hurt their feelings.
    I'm saying that it's right, or that it's justified, just that it's probably
    true. When you tell someone they can't do something, they become far more
    determined to do so.

    That's just my .02 cents.

    Aaron Carr, CCNA, MCSE
    Technology Integration
    Systems and Process Support
    Clinical Research and Development
    (610)651-7321 (Voice)
    (610)651-6242 (Fax)
    (215)431-3133 (Mobile)
    8779900973skytel.com (Text Pager)
     
    The information contained in this e-mail and any attached files,
    including replies and forwarded copies, are confidential and intended
    solely for the addressee(s) and may be legally privileged or prohibited
    from disclosure and unauthorized use. If you are not the named addressee
    you may not use, copy or disclose this information to any other person.
    If you received this message in error please notify the sender
    immediately and delete all copies of the email and associated files. If
    you are not the intended recipient, any form of reproduction,
    dissemination, copying, disclosure, modification, distribution and/or
    publication or any action taken or omitted to be taken in reliance upon
    this message or its attachments is prohibited and may be unlawful. Any
    views or opinions presented are solely those of the sender and do not
    necessarily represent those of Centocor, Inc., or Johnson & Johnson.

    -----Original Message-----
    From: netnerd [mailto:nkavtpg.com.au]
    Sent: Tuesday, September 18, 2001 11:18 AM
    To: focus-linuxsecurityfocus.com
    Subject: Custom messages for failed ROOT logins on RedHat

    Hi, just curious if its possible to get PAM or TCP Wrappers... or anything
    else for that matter, to give me a custom error message, like:
      "go away & stop trying to login as root"
    When idiots try telnetting into my box. I know its possible to use TWIST
    with tcpd, but i dont want it to be host based! I just want it to happen
    when someone from any address tries to login as root.
    Is it possible to get PAM to return custom error messages??
    Any help/suggestions/flames appreciated

    netnerd