root login with telnetd

alex at alex at
Sun Mar 11 00:18:16 UTC 2007

Quoting Beech Rintoul <beech at>:

> Content-Type: text/plain;
>   charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> Content-Disposition: inline
> On Saturday 10 March 2007 12:52, Wojciech Puchar said:
>> can it be set to make possible to login root to machine through
>> telnet and without telneting to some user and then su -
>> ?
>> with sshd and rshd it can be set, with telnetd - no success.
> That is a REALLY BAD idea. Why don't you just publish your address and
> set the root password to nothing. It's only going to take a cracker a
> couple of minutes or less to own your server once they find you (and
> they will).

In fact, it's such a bad idea that there's a Snort rule for it (and a 
really old one at that):

alert tcp $TELNET_SERVERS 23 -> $EXTERNAL_NET any (msg:"TELNET root 
login"; flow
:from_server,established; content:"login|3A| root"; 
sid:719; rev:7;)

Of course, if you really want to do this, I agree with everyone else -- 
just put your IP on this list, and we'll help you right on out. :-)

Alex Kirk

More information about the freebsd-questions mailing list