|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Rangan, Govindaraj (govindr_at_ti.com)
Date: Wed Oct 30 2002 - 22:59:16 CST
Hi All,
Greetings.
Do all users on Win2K have access to the well-known ports? This
question arose when I was doing some security tests in a heterogeneous
environment with Windows and Solaris boxes. Solaris RSHD's only security is
that before allowing access, it checks the source host and source tcp port.
The host should be in hosts.equiv or .rhosts and the source tcp port should
be one of well known ports (0-1023). The rsh client is a setuid script and
starts as root. However on Windows 2000, it is possible for any user (not
necessarily an admin user) to open a "well known port" to connect to any
rshd.
Can we restrict access to well known ports to a certain user or
group? If not, the secure way is that Solaris hosts shouldn't trust Windows
hosts. Your help in resolving this is highly appreciated.
Regards,
Govind
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]