On Mon, 23 Jan 1995, Christopher Klaus wrote: > > If you simulate a connection from trusted host and trusted account to > something like the rsh port with the following command: > > echo "+ +" > .rhosts > > The attacker doesn't need to see the reply packets, but now he/she is > able to rlogin/rsh in from anywhere. > This is asuming that you can reach the r-commands deamons to begin with. If the firewall filters those then you can still only have a one way connection to the machine. a1 http://underground.org