From owner-freebsd-security Thu May 10 17:47:35 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail4.enter.net (mail4.enter.net [63.65.0.24]) by hub.freebsd.org (Postfix) with ESMTP id AFFEB37B422 for ; Thu, 10 May 2001 17:47:32 -0700 (PDT) (envelope-from dh@enter.net)
Received: from enter.net (bsder.enter.net [63.94.128.138]) by mail4.enter.net (8.11.2/8.11.2) with ESMTP id f4B0xx797055 for ; Thu, 10 May 2001 20:59:59 -0400 (EDT)
Message-ID: <3AFB369D.5574182A@enter.net>
Date: Thu, 10 May 2001 20:47:25 -0400
From: Daniel Hauer
X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.4.0-11mdk i586)
X-Accept-Language: en
MIME-Version: 1.0
To: freebsd-security@freebsd.org
Subject: FreeBSD 4.3 RELEASE and -STABLE allows telnet root logins?
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hello all,

After installing 4.3 release on one machine and upgrading 2 other machines to -STABLE, I noticed there is a new mechanism used in telnetd, namely this "SRA" authentication mechanism. While convenient (you don't have to type your username), I found something VERY disturbing: if you are at a root prompt on any other BSD based machine, you can just telnet to the 4.3 machines and log right in with the root username and password!

This apparently only occurs from a BSD based machine, as a co-worker and I tried it from 2 different distribution Linux boxes, and we could not log in as root. None of the switches for telnetd in the inetd.conf worked to our satisfaction, and after reading the sources, we recompiled telnetd with AUTHENTICATION=NO to disable this behavior.

What is this "SRA authentication"? And why is telnetd's default behavior to allow root logins at all? I realize that any self respecting sysadmin will either use ipfirewall, ipfilter, or good old inetd's hosts.allow file to limit telnet logins anyway, but the question still remains... Why?

Wouldn't this SRA with a "no root" login be a better idea?

--
Regards,
Daniel Hauer
Network Administration
http://www.enter.net
"The Road To The Internet Starts There!"

***************************************************************************
Windoze is for GAMES, UNIX is for the rest of us.

UNIX is like the sights on a loaded gun. If you aim the gun at your foot and pull the trigger, it is the basic function of UNIX to accurately deliver the bullet from the gun to the target. In this case, it's your foot.
***************************************************************************

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
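A defender-side audit for the two host settings this report turns on, whether telnetd is enabled in inetd.conf at all and whether any network pseudo-terminal in /etc/ttys carries the "secure" flag that lets login(1) accept root, as an added example rather than anything from the original post. The inetd.conf and ttys samples are constructed here; the functions take file paths so they can be pointed at the real /etc/inetd.conf and /etc/ttys.

```sh
#!/bin/sh
# Added example, not from the original message. Audits an inetd.conf and a
# ttys file for the settings that decide whether root can log in via telnet
# on FreeBSD 4.x: is telnetd served at all, and which network ttys are
# marked "secure" (ttys(5): root logins are refused on ttys without it).

# Write constructed sample copies of inetd.conf ($1) and ttys ($2).
make_samples() {
  cat > "$1" <<'EOF'
#ftp    stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
telnet  stream  tcp     nowait  root    /usr/libexec/telnetd    telnetd
#shell  stream  tcp     nowait  root    /usr/libexec/rshd       rshd
EOF
  cat > "$2" <<'EOF'
console none                            unknown off secure
ttyv0   "/usr/libexec/getty Pc"         cons25  on  secure
ttyp0   none                    network secure
ttyp1   none                    network
ttyp2   none                    network
EOF
}

# Print the number of active (uncommented) telnet service lines in inetd.conf.
# grep -c exits 1 when the count is 0, so force success to keep the count.
telnet_enabled() {
  grep -c '^[[:space:]]*telnet[[:space:]]' "$1" || true
}

# Print each network pseudo-terminal whose ttys line carries "secure":
# login(1) will accept root on exactly these ttys, so any output is a finding.
insecure_network_ttys() {
  awk '$1 !~ /^#/ && $3 == "network" && $0 ~ /[[:space:]]secure([[:space:]]|$)/ { print $1 }' "$1"
}

# Combined report: exit 0 when telnet is off and no network tty is secure.
audit_telnet_root() {
  n=$(telnet_enabled "$1")
  bad=$(insecure_network_ttys "$2")
  echo "telnetd entries enabled in $1: $n"
  [ -n "$bad" ] && echo "network ttys accepting root in $2: $bad"
  [ "$n" = "0" ] && [ -z "$bad" ]
}

# Demonstration on the constructed samples.
d=$(mktemp -d)
make_samples "$d/inetd.conf" "$d/ttys"
audit_telnet_root "$d/inetd.conf" "$d/ttys" || echo "FINDING: telnet root login exposure"
rm -rf "$d"
```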