Remote shell on the Internet
Remote shell/remote login access may be possible.
The machine advertises rsh or rlogin as available services. SARA cannot
determine if there are vulnerable accounts that can be accessed.
When the remote login/remote shell service trusts other hosts and/or users on the network (via /etc/hosts.equiv or a user's .rhosts file), a malicious user could possibly gain access. However, SARA cannot verify that any vulnerability exists.
Review any .rhosts or /etc/hosts.equiv files to make sure they do not grant excessive permissions. One example of excessive permissions is the "+" wildcard entry, which trusts every host on the network.
Delete or disable any accounts without a password from the system or
NIS password file.
- Give system accounts such as bin and daemon a
non-functional shell (such as /bin/false) and put them in
the /etc/ftpusers file so they cannot use ftp.
- See the
Guide to Cracking for an example of why this is a problem.
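The review of /etc/hosts.equiv and .rhosts files described above can be scripted. The following is an added example, not part of the SARA page or of SARA itself: it counts "+" wildcard trust entries, flags trust files writable by group or others, and emits a copy with the wildcard lines commented out. It assumes a POSIX shell with awk, and that home directories are listed in /etc/passwd.

```sh
#!/bin/sh
# Added example: audit rsh/rlogin trust files (hosts.equiv and .rhosts).
# Entry format is "host [user]"; a "+" in either field means "any".

# Count entries whose host or user field is the "+" wildcard. Comment lines,
# blank lines and "-" (explicit deny) entries are ignored. Prints the count.
rhosts_wildcard_count() {
    file="$1"
    [ -r "$file" ] || { echo 0; return; }
    grep -v '^[[:space:]]*#' "$file" | awk '
        NF == 0 { next }
        $1 == "+" || $2 == "+" { n++ }
        END { print n + 0 }'
}

# Print "loose" if the file is writable by group or others (anyone who can
# edit it can add trusted hosts), otherwise "ok". Uses the ls mode string,
# which is portable across GNU and BSD userlands.
trust_file_perms() {
    mode=$(ls -ld "$1" | cut -c1-10)        # e.g. -rw-r--r--
    case "$mode" in
        ?????w*|????????w?) echo loose ;;   # group (char 6) or other (char 9) write bit
        *) echo ok ;;
    esac
}

# Write a copy of the file to stdout with each wildcard entry commented out,
# so it can be reviewed before replacing the original.
rhosts_neutralize() {
    awk '
        /^[[:space:]]*#/ || NF == 0 { print; next }
        $1 == "+" || $2 == "+" { print "# disabled by audit: " $0; next }
        { print }' "$1"
}

# Audit the system-wide file plus every home directory's .rhosts
# (home directories taken from /etc/passwd; run as root to read them all).
audit_rhosts() {
    { echo /etc/hosts.equiv
      awk -F: '$6 != "" { print $6 "/.rhosts" }' /etc/passwd; } |
    while read -r f; do
        [ -f "$f" ] || continue
        printf '%s: wildcard_entries=%s permissions=%s\n' "$f" \
            "$(rhosts_wildcard_count "$f")" "$(trust_file_perms "$f")"
    done
}
```

Call `audit_rhosts` to list every trust file with its wildcard count and permission status; any file reported as `loose` or with a non-zero count should be reviewed by hand.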