Re: Internet Worm

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Michael S. Hines: "Internet Worm Source Code"
• Previous message: Charles Howes: "Re: chmod 000 .rhosts - works?"
• In reply to: Brett Lymn: "Re: Internet Worm"
• Next in thread: Jonathan M. Bresler: "Re: Internet Worm"

Various methods of making users' and administrators' lives a pain
deleted.

Brett Lymn writes:

> This should stop the user creating a .rhosts file as there is a
> directory there with that name.  

Seems to me that we would all be better served by running daemons that
don't trust the user to determine valid remote authentication.  Why not
fix the r-daemons and login to ignore these files?  This is certainly
possible if a) you have source, and b) you're a competant enough
programmer to #ifdef the necessary bits of code into oblivion.

Unfortunatly, a) is rarely true.  It'd be nice if vendors would ship
their products secure.

-- 
                                             Steve Davis <strat@ksu.ksu.edu>
                                                     Kansas State University

• Next message: Michael S. Hines: "Internet Worm Source Code"
• Previous message: Charles Howes: "Re: chmod 000 .rhosts - works?"
• In reply to: Brett Lymn: "Re: Internet Worm"
• Next in thread: Jonathan M. Bresler: "Re: Internet Worm"