Quoting Beech Rintoul <[EMAIL PROTECTED]>:
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Saturday 10 March 2007 12:52, Wojciech Puchar said:
can it be set to make possible to login root to machine through
telnet and without telneting to some user and then su -
?
with sshd and rshd it can be set, with telnetd - no success.
That is a REALLY BAD idea. Why don't you just publish your address and
set the root password to nothing. It's only going to take a cracker a
couple of minutes or less to own your server once they find you (and
they will).
In fact, it's such a bad idea that there's a Snort rule for it (and a
really old one at that):
alert tcp $TELNET_SERVERS 23 -> $EXTERNAL_NET any (msg:"TELNET root
login"; flow
:from_server,established; content:"login|3A| root";
classtype:suspicious-login;
sid:719; rev:7;)
Of course, if you really want to do this, I agree with everyone else --
just put your IP on this list, and we'll help you right on out. :-)
Alex Kirk
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
