Remote shell on the Internet


Summary

Remote shell/remote login access may be possible.

Impact

The machine advertises rsh or rlogin as available services. SARA cannot determine if there are vulnerable accounts that can be accessed.

The problem

When the remote login/remote shell service trusts other hosts and/or users on the network, a malicious user could possibly gain access. However, SARA cannot verify that any vulnerability exists.

Fix

Review any .rhosts files and the /etc/hosts.equiv file to make sure they do not grant excessive permissions. Excessive permissions may include the "+" character.

Delete or disable any accounts without a password from the system or NIS password file.
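
The two checks above as an added shell example (not part of SARA or the original page). It assumes the standard trust-file syntax, in which a bare "+" in the host or user field trusts every host or every user; the function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit helpers for r-command trust files and passwordless accounts.

# Flag trust entries whose host or user field is a bare "+" (trust everyone).
# Reads hosts.equiv/.rhosts text from the named files, or from stdin if none.
# "+@netgroup" entries are not flagged; review those against the netgroup itself.
flag_wildcard_trust() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }            # skip blank lines and comments
        $1 == "+" || $2 == "+" {
            p = (FILENAME == "" || FILENAME == "-") ? "" : FILENAME ":"
            print p FNR ": " $0
        }
    ' "$@"
}

# Print account names whose password field (field 2) is empty.
# Reads passwd- or shadow-format text on stdin. Lines starting with "+" or "-"
# are NIS compat markers rather than accounts, so they are skipped here.
flag_empty_password() {
    awk -F: '/^[#+-]/ { next } NF >= 2 && $2 == "" { print $1 }'
}

# Constructed sample input (not taken from any real host).
SAMPLE_TRUST='# trusted admin hosts
build01.example.org
build02.example.org alice
+
backup.example.org +
+ +
+@admins'

SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/sh
guest::1001:1001:Guest:/home/guest:/bin/sh
+::0:0:::
alice:x:1002:1002:Alice:/home/alice:/bin/sh
backup::34:34::/var/backups:/bin/sh'

printf '%s\n' "$SAMPLE_TRUST"  | flag_wildcard_trust
printf '%s\n' "$SAMPLE_PASSWD" | flag_empty_password

# On a live host (as root), the same functions apply to the real files, e.g.:
#   flag_wildcard_trust /etc/hosts.equiv /home/*/.rhosts
#   flag_empty_password < /etc/shadow
#   ypcat passwd | flag_empty_password
```

Every line the first function prints is an entry to remove or narrow to a named host and user; every name the second prints is an account to delete or disable.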

Other tips