Bugtraq mailing list archives
Re: Internet Worm
From: strat () ksu ksu edu (Steve Davis)
Date: Mon, 17 Oct 1994 06:38:33 -0500
Various methods of making users' and administrators' lives a pain deleted. Brett Lymn writes:
This should stop the user creating a .rhosts file as there is a directory there with that name.
Seems to me that we would all be better served by running daemons that don't trust the user to determine valid remote authentication. Why not fix the r-daemons and login to ignore these files? This is certainly possible if a) you have source, and b) you're a competant enough programmer to #ifdef the necessary bits of code into oblivion. Unfortunatly, a) is rarely true. It'd be nice if vendors would ship their products secure. -- Steve Davis <strat () ksu ksu edu> Kansas State University
Current thread:
- Re: Internet Worm George Hodson (Oct 14)
- Re: Internet Worm James Seng (Oct 15)
- <Possible follow-ups>
- Re: Internet Worm Rik Farrow (Oct 15)
- Re: Internet Worm Brett Lymn (Oct 16)
- Re: Internet Worm Steve Davis (Oct 17)
- Re: Internet Worm Jonathan M. Bresler (Oct 17)
- Re: Internet Worm Perry E. Metzger (Oct 17)
- Re: Internet Worm Jonathan M. Bresler (Oct 17)
- Re: Internet Worm Perry E. Metzger (Oct 17)
- Re: Internet Worm Bennett Todd (Oct 17)
- Re: Internet Worm Perry E. Metzger (Oct 18)
- Re: Internet Worm Scott Schwartz (Oct 18)
- Re: Internet Worm Perry E. Metzger (Oct 18)
- Re: Internet Worm Steve Davis (Oct 17)
- Re: Internet Worm Christine R. Gressley (Oct 17)
- r commands Aleph One (Oct 17)