Hi
Sorry for asking you to do my work.
This weekend I was able to solve the problem.
I will summarize:
================================================
Problem:
tomsrtbt telnetd doesn't ask for a password
Why is it a problem:
Everybody can gain a root shell immediately when telnetting
to your tomsrtbt.
Solving this problem:
1. Make a /bin/telnetd2 file:
---------------------------------
#!/bin/sh
# Modified telnetd script for tomsrtbt
# Idea from the bsh netcat example
# It asks you for a password before giving
# a shell
# Leave it with 'exit' (2 times)

# Read and discard the first block sent by the client
/bin/dd count=1 > /dev/null 2>&1
while read qq ; do
    # Strip the last character of the line (the carriage return telnet sends)
    qq=`echo "$qq"|/bin/sed -e 's/.$//'`
    case "$qq" in
    # here's your password
    xxxx )
        /usr/bin/ile /bin/ash -i
        ;;
    exit )
        exit 0
        ;;
    esac
done
----------------------------------------
(You have to preserve the old telnetd script)
2. An excerpt from my rc.custom.gz:
------------------------------------------
cat>>inittab<<X
c7:5:respawn:/usr/bin/nc -l -p 23 -e /usr/bin/telnetd2
X
kill -HUP 1
-------------------------------------------
(Remember to remove the # sign from the 'kill -HUP 1'!)
Remark:
With the official netcat (nc) you can allow telnetting
from only one host, like this:
nc -l -p 23 -e /bin/telnetd host.ip.num.ber
but it doesn't work with BusyBox netcat
===========================================
And I found a how-to for changing the password,
so perhaps it would be good in the tomsrtbt.FAQ:
=========================================
How to make a password for tomsrtbt?
echo -n newpassword | md5sum
(Don't forget the -n option for echo!)
=========================================
Thank you for your great linux distrib
Peter Borkuti
On Fri, May 10, 2002 at 10:35:56AM -0400, Tom Oehser wrote:
>
> > Could you write me, what will be in /usr/bin/login1 or could you
> > tell me some more information, I can't make it myself well.
>
> It is on my to-do list, but, I can't say whether I will get to it
> in an hour or a year. If you want it done in any dependable time
> you'll need to get it done yourself...
>
> -Tom
>
>
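
The password check from the telnetd2 script combined with the `echo -n newpassword | md5sum` step from the FAQ entry, as an added example that is not part of the original message: the script keeps only the MD5 digest and stops after a fixed number of attempts. The function names, `STORED_HASH`, the `serve` argument, the three-attempt limit and the sample password are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: gate on an MD5 digest
# (generated the way the FAQ entry shows) instead of a plaintext password.

# Digest of a password with no trailing newline hashed in.
# printf '%s' plays the role of the post's `echo -n`.
hash_pw() {
    printf '%s' "$1" | md5sum | cut -d' ' -f1
}

# Constructed sample value; in practice paste the digest printed by
#   echo -n newpassword | md5sum
STORED_HASH=$(hash_pw 'sample-pass')

# check_line LINE: LINE is one line as sent by a telnet client, which ends
# in a carriage return that `read` leaves in place. Strip it, then compare.
check_line() {
    cr=$(printf '\r')
    line=${1%"$cr"}
    [ "$(hash_pw "$line")" = "$STORED_HASH" ]
}

# gate MAX: read at most MAX lines from stdin; succeed on the first match,
# fail once MAX attempts are used up (the original loop never gives up).
gate() {
    tries=0
    while [ "$tries" -lt "$1" ] && IFS= read -r qq; do
        check_line "$qq" && return 0
        tries=$((tries + 1))
    done
    return 1
}

# Only when run as "script serve" (for example from nc -e): start the shell.
if [ "${1:-}" = serve ]; then
    gate 3 && exec /bin/ash -i
    exit 1
fi
```

The password still crosses the network in cleartext, as with any telnet login; the digest only keeps it out of the script file.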