'we should all be uncomfortable with the extent to which luck ..'
Roeland Meyer
rmeyer at mhsc.com
Wed Jul 25 15:51:56 UTC 2001
> From: Mitch Halmu [mailto:mitch at netside.net]
> Sent: Wednesday, July 25, 2001 8:30 AM
>
> On Tue, 24 Jul 2001, Roeland Meyer wrote:
>
> > How many of us here run anything less than SSH and even
> allow telnetd to
> > live on any of our hosts?>
>
> Those (few) providers offering shell accounts still do.
Someone once proved to me, definitvely, how easy it is to crack root from a
shell account. Especially one that is allowed to execute their own code.
That night, I killed all shell accounts of users that I didn't personally
know and trust. Those that were left were introduced to SSH. This was
five-years ago.
More information about the NANOG
mailing list