On Wed, 7 Dec 1994, Bonfield James wrote: > ... > Remember the "rlogin -l -froot" type bugs some time ago? At the time I > mentioned that "-l -hhostname" could also be used to spoof hostnames in the > wtmp files. This is still true. The reason I haven't posted again about this > earlier is that we've been having a couple problems ourselves. Using the tcp > wrapper helps things, but it's only just been installed (despite the fact that > I've requested it numerous times). > > A typical spoof would be: > > rlogin targethost -l -htargethost > > Then type in the user and password. It'll then appear to last, who and > probably finger, on targethost that the user has logged in from that system, > not from remotely. > ... okay, 4.1.3_u1 works correct (read: "safe" ;-) in this case, but if talking about spoofing, why not to use the simple trick with C-shell: rsh hostname /bin/csh -bif it logs you in without tty, but also without any entries in [wu]tmp files.. that's all.. --alex. --- Alexander L. Haiut Ben-Gurion University of the Negev, Beer-Sheva, Israel ________________________________________ e-mail : alx@cs.bgu.ac.il voice : +972-7-461658