Remotely edit user disk quota

Kirk Strauser kirk at
Thu May 28 19:44:52 UTC 2009

On Thursday 28 May 2009 02:34:02 pm Wojciech Puchar wrote:

> And yes - i do log as root by "insecure" rsh and telnet.

OK, I'm now promoting you to "batshit insane".  Seriously, there's no excuse 
for running telnet - even in a "secure" (ha!) environment - when so much 
better alternatives exist.

Let me shoot you a hypothetical: your webserver gets compromised.  The 
intruder uses a little ARP poisoning to launch a MITM attack between your 
workstation and the database server.  He comes back a couple hours later and 
uses your plaintext root password to make a backup of your database for his 
personal use.

Oh, but that could never happen to you, because you run a PtP VPN between 
every pair of machines on your network, said network being separated from the 
Internet by a 2 meter air gap and a Doberman Pinscher.

Seriously, using telnet today is flat-out stupid, and I'd fire you in a second 
if you brought that level of bullheaded incompetence into my company.

Kirk Strauser

More information about the freebsd-questions mailing list