> > > > > That would be a very poor fix, as it would only keep out people using the > hole to access 'root'. rsh machine -l -fbin would still work, and if AIX is > like most Unixes, getting access to bin, daemon, or one of the other system > users leaves little work left to get root. Plus you can login as any real > user on the system, passwords are meaningless. > I tried doing rlogin -l -fbin, -fdaemon, etc. It only worked for accounts that had their passwords set, such as root and regular accounts. Since bin and daemon had their passwords as * instead of a real password, I assume login didnt check getty or something was diverting it from letting you gain access. So, its just a matter of fingering the aix machine to find other accounts to log in as. -- Christopher William Klaus <cklaus@shadow.net> <iss@shadow.net> Internet Security Systems, Inc. 2209 Summit Place Drive, Atlanta,GA 30350-2430. (404)998-5871.