Date: Wed, 29 Oct 1997 15:56:45 -0500 (EST) From: Peter Philipp <pjp@globalserve.net> To: Dean <dean@thegrid.net> Cc: ringlord@bbs.dcoisp.net, freebsd-questions@FreeBSD.ORG Subject: Re: login as root remotely not possible? Message-ID: <Pine.BSF.3.96.971029154733.2713C-100000@tap.system.ca> In-Reply-To: <3.0.1.32.19971029090752.006a3fdc@mail.thegrid.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> >Another reason this is a bad idea is that if someone does a dictionary > >attack on your telnet login root cannot be compromised. > > How would one gain access this way? > Dean Say your telnetd is not using tcp wrappers. And ttyp? is secure,as stated in /etc/ttys. Someone (who has a fast connection) and is really desperate to get into a system may run a program that tries to login as root and at every Password: tries a different passwd taken from a dictionary or a brute force method. Of course this is a lengthy process and if the root passwd is fairly good chances are slim. A administrator would probly catch a would-be hacker just by reading the syslogs. But imagine the administrator doesn't or goes on a 2 week vacation and the replacement doesn't read syslogs. Also if the box is a sort of forgotten ugly duckling on a network and noone even used in in months, and syslogs aren't forwarded anywhere. This is a _what if_ situation but the reality is that some people would do such a attack. Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971029154733.2713C-100000>