>As I understand it, the .rhosts file (yes, the first char is a dot) on NT
>gives a list of allowed clients names or IP addresses, and allowed users. In
>turn, those user ids would be restricted by their profiles on NT. But this is
>for the remote shell service, there is no rexec daemon provided on the
>ResKit, perhaps because the traffic is unencrypted, so hiding behind a
>sniffable password is worse than no password. So we massively restrict it to
>the one user id that is only used for remote shell access and nothing else.
>
>I saw the recommends against remote shell, including Microsoft's own. I tend
>to agree. Allowing access creates risks, one way to be secure is to be stand
alone; the invaders tend to storm the gates (no pun intended). Where we
>do allow access, we need to provide better than average security.

>----------
>From:  Doug Larson[SMTP:[log in to unmask]]
>Sent:  Monday, November 03, 1997 7:50 PM
>To:    Stigers, Greg  ~ AND
>Subject:       RE: 3K to NT job initiation
>
>
>Greg -
>
>I got remsh from Telamon and will install the server as soon as I get the
>NT Resource Kit (waiting for accounting).
>
>I did some searching on the net and everywhere I look, it seems, people are
>recommending *against* running the remote shell server.  From your example,
>it appears that commands are executed with just a username, no password
>required, so I need to see if our router can block the port or whatever
>remsh uses to connect.  I'm less worried about internal LAN users figuring
>out how to hack using remsh.
>
>Do you know anything about the security side of it?  What keeps your NT
>safe at night?
>
>Doug
>
>