Re: root login with telnetd

2007-03-12 Thread Chris Kottaridis
On Sat, 2007-03-10 at 22:52 +0100, Wojciech Puchar wrote: can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ? with sshd and rshd it can be set, with telnetd - no success. My reasons for this being a bad idea isn't so

Re: root login with telnetd

2007-03-11 Thread Beech Rintoul
On Saturday 10 March 2007 22:14, Wojciech Puchar said: with sshd and rshd it can be set, with telnetd - no success. That is a REALLY BAD idea. Why don't you just publish your address and set the root password to nothing. It's only going to take a cracker a couple of minutes or less to

Re: root login with telnetd

2007-03-11 Thread Christian Walther
On 11/03/07, Wojciech Puchar [EMAIL PROTECTED] wrote: with sshd and rshd it can be set, with telnetd - no success. That is a REALLY BAD idea. Why don't you just publish your address and set the root password to nothing. It's only going to take a cracker a couple of minutes or less to own

Re: root login with telnetd

2007-03-11 Thread Wojciech Puchar
if you are so intelligent? There are and have been many known exploits through telnet. The most recent one a couple of weeks ago affects SunOS where you can, using telnet, get root privileges without even logging in as root. Telnet does it affect FreeBSD?

Re: root login with telnetd

2007-03-11 Thread Wojciech Puchar
Oh, it's really simple: *If* the machine you're trying to configure root access via telnet is connected to the internet - in other terms the telnet port on the machine is accessible from the internet - one can actually brute force his/her way in. so please crack me 83.18.148.142 or

Re: [freebsd-questions] root login with telnetd

2007-03-11 Thread Howard Jones
Wojciech Puchar wrote: can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ? with sshd and rshd it can be set, with telnetd - no success. once again - can someone answer my question instead of giving very intelligent

Re: [freebsd-questions] root login with telnetd

2007-03-11 Thread Wojciech Puchar
once again - can someone answer my question instead of giving very intelligent comments? ___ If I remember correctly, you edit /etc/ttys and set some of your ttyp* (i.e. network ptys) to be 'SECURE'. It really isn't a good idea though. The reason it

Re: [freebsd-questions] [freebsd-questions] root login with telnetd

2007-03-11 Thread Howard Jones
Wojciech Puchar wrote: so generalizing that telnet and rsh is bad is as stupid as telling that oxygen is bad as it makes fires. Well, that's true, but if you have the choice, there are better choices. You *can* hammer in nails with the butt of a gun, but there's a chance you'll somehow shoot

Re: [freebsd-questions] [freebsd-questions] root login with telnetd

2007-03-11 Thread Wojciech Puchar
There have been *many* problems over the years with rsh and telnet. rsh's security model comes from a time when people thought computers would never exactly true. so i use rsh between MY machines and rsh and telnet when sniffing is not a problem. wasn't easier just to answer the question?

Re: root login with telnetd

2007-03-11 Thread Sergio Lenzi
Hello... I see you issues about telenet... I use the inetd+telnet for more than 20 years and using BSD with RSA, and obviiously with a good password. I have never been cracked down... and I have 10 of my /etc/ttys entries setted to secure ttyp0 nonenetwork off secure

Re: root login with telnetd The FINAL SOLUTION

2007-03-11 Thread Sergio Lenzi
So. resuming: 1) change some lines in /etc/ttys to: ttyp0 nonenetwork off secure ttyp1 nonenetwork off secure ttyp2 nonenetwork off secure ttyp3 nonenetwork off secure ttyp4 none

Re: root login with telnetd The FINAL SOLUTION

2007-03-11 Thread Wojciech Puchar
works fine. thank you very much (point 6 wasn't needed) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: root login with telnetd

2007-03-11 Thread Hugo Silva
Wojciech Puchar wrote: Err, sure; and for completeness, be sure and send the IP back to this list, and publish it on the front page of your website/blog/whatnot. and what if i will? do you know my root password? OK, cynicism aside, why on earth would you want to do this? That's a fool's

Re: root login with telnetd

2007-03-11 Thread Hugo Silva
Sergio Lenzi wrote: Hello... I see you issues about telenet... I use the inetd+telnet for more than 20 years and using BSD with RSA, and obviiously with a good password. I have never been cracked down... and I have 10 of my /etc/ttys entries setted to secure ttyp0 none

Re: root login with telnetd The FINAL SOLUTION

2007-03-11 Thread Paul Schmehl
--On March 11, 2007 11:22:42 AM -0300 Sergio Lenzi [EMAIL PROTECTED] wrote: 7) telnet to your server should now allow root login What do you gain by allowing telnet access to your hosts that you don't get with ssh? Paul Schmehl ([EMAIL PROTECTED]) Senior Information Security Analyst The

Re: [freebsd-questions] [freebsd-questions] root login with telnetd

2007-03-11 Thread Christian Walther
On 11/03/07, Wojciech Puchar [EMAIL PROTECTED] wrote: There have been *many* problems over the years with rsh and telnet. rsh's security model comes from a time when people thought computers would never exactly true. so i use rsh between MY machines and rsh and telnet when sniffing is not a

Re: root login with telnetd

2007-03-11 Thread Gerard Seibert
On Sun, 11 Mar 2007 16:20:03 + Hugo Silva [EMAIL PROTECTED] wrote: [...] Oh well, your server, your password. Just don't say you were not warned. I believe the following sums up my feeling on the matter. It is not the OS's job to stop you from shooting yourself in the foot. Rather, if

Re: root login with telnetd

2007-03-11 Thread Wojciech Puchar
I believe the following sums up my feeling on the matter. It is not the OS's job to stop you from shooting yourself in the foot. boom... i'm dead.. at least for 4 years :) ___ freebsd-questions@freebsd.org mailing list

Re: root login with telnetd

2007-03-11 Thread Gerard Seibert
On Sun, 11 Mar 2007 21:46:50 +0100 (CET) Wojciech Puchar [EMAIL PROTECTED] wrote: I believe the following sums up my feeling on the matter. It is not the OS's job to stop you from shooting yourself in the foot. boom... i'm dead.. at least for 4 years :) Sorry to hear that!

Re: root login with telnetd

2007-03-11 Thread Wojciech Puchar
... ;; ;; :; ;:' :; ;:; ;. ,:' ; OOO\ ::; ; O\ ;:; ; ,;::; ;' / OOO ;:`. ,,,;./ / DOO

root login with telnetd

2007-03-10 Thread Wojciech Puchar
can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ? with sshd and rshd it can be set, with telnetd - no success. thank you ___ freebsd-questions@freebsd.org mailing list

Re: root login with telnetd

2007-03-10 Thread Kevin Kinsey
Wojciech Puchar wrote: can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ? with sshd and rshd it can be set, with telnetd - no success. Err, sure; and for completeness, be sure and send the IP back to this list, and

Re: root login with telnetd

2007-03-10 Thread Beech Rintoul
On Saturday 10 March 2007 12:52, Wojciech Puchar said: can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ? with sshd and rshd it can be set, with telnetd - no success. That is a REALLY BAD idea. Why don't you just publish

Re: root login with telnetd

2007-03-10 Thread alex
Quoting Beech Rintoul [EMAIL PROTECTED]: Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Saturday 10 March 2007 12:52, Wojciech Puchar said: can it be set to make possible to login root to machine through telnet and

Re: root login with telnetd

2007-03-10 Thread Wojciech Puchar
Err, sure; and for completeness, be sure and send the IP back to this list, and publish it on the front page of your website/blog/whatnot. and what if i will? do you know my root password? OK, cynicism aside, why on earth would you want to do this? That's a fool's errand in today's

Re: root login with telnetd

2007-03-10 Thread Wojciech Puchar
can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ? with sshd and rshd it can be set, with telnetd - no success. once again - can someone answer my question instead of giving very intelligent comments?

Re: root login with telnetd

2007-03-10 Thread Garrett Cooper
On Mar 10, 2007, at 11:16 PM, Wojciech Puchar wrote: can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ? with sshd and rshd it can be set, with telnetd - no success. once again - can someone answer my question instead of

Re: root login with telnetd

2007-03-10 Thread Wojciech Puchar
alert tcp $TELNET_SERVERS 23 - $EXTERNAL_NET any (msg:TELNET root login; flow :from_server,established; content:login|3A| root; classtype:suspicious-login; sid:719; rev:7;) could you please tell me who will be snorting it on MY network? Of course, if you really want to do this, I agree with

Re: root login with telnetd

2007-03-10 Thread Wojciech Puchar
with sshd and rshd it can be set, with telnetd - no success. That is a REALLY BAD idea. Why don't you just publish your address and set the root password to nothing. It's only going to take a cracker a couple of minutes or less to own your server once they find you (and they will). another