REXEC has gotten a bad rap. Mostly because it starts with R , and everyon e know that the R- commands are insecure...
I went to the trouble to look up REXEC in books on Unix Security. There a re two problems listed: 1. You send a userid and password in the clear. (So do telnet, ftp, etc.) . 2. You should not run anything you aren't actually using. (?) So, REXEC shows up on everyone's lists of BAD THINGS. Hogwash! Of course, it would be better if we used SSL to secure all passwords. Are you using SSL for your logins? If not, don't worry about REXEC. Do the alternate protocols mentioned (MSP/MSGD, UFT) provide secure commu nications? Are there SSL-supporting clients available for VM? Alan Ackerman Alan (dot) Ackerman (at) Bank of America (dot) com
