root login with telnetd
cptsalek at gmail.com
Sun Mar 11 09:43:42 UTC 2007
On 11/03/07, Wojciech Puchar <wojtek at tensor.gdynia.pl> wrote:
> >> with sshd and rshd it can be set, with telnetd - no success.
> > That is a REALLY BAD idea. Why don't you just publish your address and
> > set the root password to nothing. It's only going to take a cracker a
> > couple of minutes or less to own your server once they find you (and
> > they will).
> another stupid one not answering the question.
> could you describe how you get my password in a couple of minutes if you
> are so intelligent?
Oh, it's really simple: *If* the machine you're trying to configure
root access via telnet is connected to the internet - in other terms
the telnet port on the machine is accessible from the internet - one
can actually brute force his/her way in.
And in days of broadband connection several hundred different
passwords can be guessed in a matter of seconds.
There are tools like "john" that can do a bruteforce or dictionary
attacks against password files, but there are similar tools that can
do this over the network.
To answer the question who should be able to snort you: Some script
kiddies who don't understand what's actually going on, but who want to
have some fun.
This is why you've been told that configuring root access via telnet
is a bad idea, just as any other here on this list is being told that
it is a bad to configure root login via ssh - for the very same
And people asked you for your IP so that they could take care of your
host. Since we can't know the IP adress of your host we had to ask. ;)
But people who want to crack other machines don't need specific IP
adress, they just scan entire networks. As most list members can tell
you there are constant attacks against open ssh ports are going on.
So this isn't stupidity really.
More information about the freebsd-questions