Date: Tue, 27 Feb 1996 00:17:21 -0800 (PST) From: Jim Dennis <jimd@mistery.mcafee.com> To: taob@io.org (Brian Tao) Cc: cschuber@orca.gov.bc.ca, freebsd-security@FreeBSD.ORG Subject: Re: Informing users of cracked passwords? Message-ID: <199602270817.AAA01133@mistery.mcafee.com> In-Reply-To: <Pine.BSF.3.91.960226200547.28975D-100000@zip.io.org> from "Brian Tao" at Feb 26, 96 08:08:14 pm
index | next in thread | previous in thread | raw e-mail
> > On Fri, 23 Feb 1996, Cy Schubert - BCSC Open Systems Group wrote: > > > > ALL EXCEPT rlogind rshd rexecd fingerd: ALL > > rlogind rshd rexecd: .io.org > > > > These two lines restrict rlogin, rsh, and rexec to hosts within the io.org > > domain while allowing connections to all other services from anywhere in the > > world. > > Yes, that sounds like a good idea to me. I'm toying with the idea > of disallowing rlogin and rsh connections from outside the io.org > domain and forcing users to supply passwords through a telnet > connection. Is there anything wrong with his idea? I know users will > kick and scream about it, but I can't think of any reason other than > security vs. convenience issues. > -- Anyone who kicks about the "inconvenience" of supplying a password to telnet should seriously consider learning 'expect' (on their *ix systems) or getting a script capable telnet client (on other systems). Give them a fish, feed them for a day, give them a scripting language ....home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602270817.AAA01133>