Subject: | |
From: | |
Reply To: | Stigers, Greg ~ AND |
Date: | Tue, 4 Nov 1997 20:19:19 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
>As I understand it, the .rhosts file (yes, the first char is a dot) on NT
>gives a list of allowed clients names or IP addresses, and allowed users. In
>turn, those user ids would be restricted by their profiles on NT. But this is
>for the remote shell service, there is no rexec daemon provided on the
>ResKit, perhaps because the traffic is unencrypted, so hiding behind a
>sniffable password is worse than no password. So we massively restrict it to
>the one user id that is only used for remote shell access and nothing else.
>
>I saw the recommends against remote shell, including Microsoft's own. I tend
>to agree. Allowing access creates risks, one way to be secure is to be stand
alone; the invaders tend to storm the gates (no pun intended). Where we
>do allow access, we need to provide better than average security.
>----------
>From: Doug Larson[SMTP:[log in to unmask]]
>Sent: Monday, November 03, 1997 7:50 PM
>To: Stigers, Greg ~ AND
>Subject: RE: 3K to NT job initiation
>
>
>Greg -
>
>I got remsh from Telamon and will install the server as soon as I get the
>NT Resource Kit (waiting for accounting).
>
>I did some searching on the net and everywhere I look, it seems, people are
>recommending *against* running the remote shell server. From your example,
>it appears that commands are executed with just a username, no password
>required, so I need to see if our router can block the port or whatever
>remsh uses to connect. I'm less worried about internal LAN users figuring
>out how to hack using remsh.
>
>Do you know anything about the security side of it? What keeps your NT
>safe at night?
>
>Doug
>
>
|
|
|