root login with telnetd
alex at schnarff.com
alex at schnarff.com
Sun Mar 11 00:18:16 UTC 2007
Quoting Beech Rintoul <beech at alaskaparadise.com>:
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> Content-Disposition: inline
>
> On Saturday 10 March 2007 12:52, Wojciech Puchar said:
>> can it be set to make possible to login root to machine through
>> telnet and without telneting to some user and then su -
>> ?
>>
>> with sshd and rshd it can be set, with telnetd - no success.
>
> That is a REALLY BAD idea. Why don't you just publish your address and
> set the root password to nothing. It's only going to take a cracker a
> couple of minutes or less to own your server once they find you (and
> they will).
In fact, it's such a bad idea that there's a Snort rule for it (and a
really old one at that):
alert tcp $TELNET_SERVERS 23 -> $EXTERNAL_NET any (msg:"TELNET root
login"; flow
:from_server,established; content:"login|3A| root";
classtype:suspicious-login;
sid:719; rev:7;)
Of course, if you really want to do this, I agree with everyone else --
just put your IP on this list, and we'll help you right on out. :-)
Alex Kirk
More information about the freebsd-questions
mailing list