Remote shell access
Remote shell/remote login access from arbitrary hosts.
The machine can be taken over by any malicious (super)user on the network.
When the remote login/remote shell service trusts every host on the
network, a malicious superuser on an arbitrary host can gain access as
any user (except perhaps root). Once inside, the intruder
can replace system programs or configuration files (such as the
password file) and take over the machine.
In addition, there may be guest or administrative accounts that have no
password protecting them, which allows anyone to remotely log in as that
user and gain access to the host.
Remove the wildcard (+) from the /etc/hosts.equiv file. Be careful with
the use of the -@group netgroup feature, as there are many
Delete or disable any accounts without a password from the system or
NIS password file.
- Give system accounts such as bin and daemon a
non-functional shell (such as /bin/false) and put them in
the /etc/ftpusers file so they cannot use ftp.
- See the
Guide to Cracking for an example of why this is a problem.
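The checks described in the fix above (a wildcard in /etc/hosts.equiv, accounts with an empty password field in the system or NIS password file, and system accounts such as bin and daemon that still have a functional shell or are missing from /etc/ftpusers) as an added audit script. This is example code written for this page, not SATAN's or the original author's code; the file contents are constructed samples, and the lists of system accounts and non-functional shells are assumptions to adjust per platform.

```python
#!/usr/bin/env python3
"""Audit hosts.equiv trust entries and password-less or badly configured
accounts. Added example for this page; the inputs below are constructed
samples, not taken from any real host."""

# Constructed sample /etc/hosts.equiv: one wildcard, one plain host,
# one netgroup exclusion and one netgroup inclusion.
SAMPLE_HOSTS_EQUIV = """\
# trusted hosts (constructed sample)
+
trusted.example.com
-@untrusted_netgroup
+@admins
"""

# Constructed sample /etc/passwd (the output of `ypcat passwd` for an NIS
# map has the same seven colon-separated fields and can be fed in as-is).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
bin:*:1:1:bin:/bin:/bin/false
guest::500:500:Guest:/home/guest:/bin/sh
daemon:*:2:2:daemon:/sbin:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/sh
"""

# Constructed sample /etc/ftpusers: accounts denied ftp access.
SAMPLE_FTPUSERS = "root\nbin\n"

# Assumed lists; extend for the platform being audited.
SYSTEM_ACCOUNTS = {"bin", "daemon", "sys", "adm", "uucp", "nobody"}
NONFUNCTIONAL_SHELLS = {"/bin/false", "/sbin/nologin", "/usr/sbin/nologin"}


def audit_hosts_equiv(text):
    """Return (line_no, entry, reason) for every risky hosts.equiv entry.

    Format is `host [user]`; `+` in either position is a wildcard and
    `+@name` / `-@name` include or exclude an NIS netgroup."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        entry = line.split("#", 1)[0].strip()
        if not entry:
            continue
        fields = entry.split()
        host = fields[0]
        if host == "+":
            findings.append((n, entry, "wildcard: every host on the network is trusted"))
        elif host.startswith("+@"):
            findings.append((n, entry, "netgroup trust: verify membership of " + host[2:]))
        elif len(fields) > 1 and fields[1] == "+":
            findings.append((n, entry, "user wildcard: any user on " + host + " is trusted"))
    return findings


def audit_passwd(passwd_text, ftpusers_text=""):
    """Return (line_no, user, reason) for password-less accounts and for
    system accounts that keep a functional shell or are not in ftpusers.

    Note: on systems with shadow passwords the second field is `x` and the
    shadow file must be checked the same way for an empty password field."""
    ftp_denied = {l.strip() for l in ftpusers_text.splitlines()
                  if l.strip() and not l.startswith("#")}
    findings = []
    for n, line in enumerate(passwd_text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((n, line, "malformed entry"))
            continue
        user, pw, _uid, _gid, _gecos, _home, shell = fields
        if pw == "":
            findings.append((n, user, "empty password field: anyone can log in"))
        if user in SYSTEM_ACCOUNTS:
            if shell not in NONFUNCTIONAL_SHELLS:
                findings.append((n, user, "system account has functional shell " + shell))
            if user not in ftp_denied:
                findings.append((n, user, "system account not listed in ftpusers"))
    return findings


if __name__ == "__main__":
    for f in audit_hosts_equiv(SAMPLE_HOSTS_EQUIV):
        print("hosts.equiv line %d (%s): %s" % f)
    for f in audit_passwd(SAMPLE_PASSWD, SAMPLE_FTPUSERS):
        print("passwd line %d (%s): %s" % f)
```

To run it against a real host, replace the three sample strings with the contents of /etc/hosts.equiv, /etc/passwd (or `ypcat passwd`) and /etc/ftpusers; a `-@netgroup` line is reported as safe only in the sense that it excludes hosts, so the netgroup inclusions are what need review.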