Re: Internet Worm

Supak Lailert (lailert@ucssun1.sdsu.edu)
Sat, 15 Oct 1994 08:14:05 -0700 (PDT)

On Sat, 15 Oct 1994, James Seng wrote:

> Getting rid of the r(sh/login/cp...) applications may be a pain in the neck.
> Enabling them may create a backdoor for a cracker.
>
> Anyway, what I did on my system is put a .rhosts file in every user
> directory. chmod 000 .rhosts and chown root .rhosts. Not all users need a
> .rhosts file. Those who want to use them email me and I will chown it back
> to them. (any problem with that? :-)

Uh Oh SURE! There is a problem with that! Users have write permission to
their home directories, thus they can delete your .rhosts and create their
own as they like. If the account is cracked, the cracker can build a new
.rhosts in no time.

Regards,
Supak Lailert

=============================================================================
Supak Lailert -- MBA (Information System) Program, San Diego State University

lailert@ucssun1.sdsu.edu
lailert@aol.com
=============================================================================
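
The point made in the reply above, as an added example that is not part of the original messages: removing and re-creating a file is governed by the permissions of the directory that holds it, so a root-owned, mode 000 `.rhosts` in a user-writable home directory can still be replaced. The function names (`can_replace`, `audit`, `demo`) and the sample file content are constructed for illustration.

```python
import os
import stat
import tempfile

def can_replace(dir_st, file_st, uid, gids=()):
    """True if `uid` may unlink a file and create a new one in its place.

    POSIX rule: this needs write+search on the *directory*; the file's own
    owner and mode are only consulted when the directory has the sticky bit.
    """
    if uid == 0:
        return True
    mode = dir_st.st_mode
    if uid == dir_st.st_uid:
        bits = (mode >> 6) & 7          # owner rwx of the directory
    elif dir_st.st_gid in gids:
        bits = (mode >> 3) & 7          # group rwx
    else:
        bits = mode & 7                 # other rwx
    if bits & 3 != 3:                   # w and x are both required
        return False
    if mode & stat.S_ISVTX:             # sticky: only dir owner or file owner
        return uid in (dir_st.st_uid, file_st.st_uid)
    return True

def audit(home, uid, gids=()):
    """Classify the .rhosts placeholder in `home` for the account `uid`."""
    path = os.path.join(home, ".rhosts")
    try:
        file_st = os.lstat(path)
    except FileNotFoundError:
        return "missing"
    ok = can_replace(os.stat(home), file_st, uid, gids)
    return "replaceable" if ok else "locked"

def demo():
    """Constructed sample: a mode-000 .rhosts is replaced by the directory owner."""
    with tempfile.TemporaryDirectory() as home:
        path = os.path.join(home, ".rhosts")
        open(path, "w").close()
        os.chmod(path, 0o000)           # the "lock" from the quoted message
        verdict = audit(home, os.getuid())
        os.unlink(path)                 # allowed by the directory, not the file
        with open(path, "w") as f:
            f.write("trusted.example.org alice\n")   # constructed entry
        with open(path) as f:
            return verdict, f.read()

if __name__ == "__main__":
    print(demo())
```
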