Date: Mon, 26 Feb 1996 20:08:14 -0500 (EST) From: Brian Tao <taob@io.org> To: cschuber@orca.gov.bc.ca Cc: FREEBSD-SECURITY-L <freebsd-security@FreeBSD.org> Subject: Re: Informing users of cracked passwords? Message-ID: <Pine.BSF.3.91.960226200547.28975D-100000@zip.io.org> In-Reply-To: <199602231757.JAA27883@passer.osg.gov.bc.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 23 Feb 1996, Cy Schubert - BCSC Open Systems Group wrote:
>
> ALL EXCEPT rlogind rshd rexecd fingerd: ALL
> rlogind rshd rexecd: .io.org
>
> These two lines restrict rlogin, rsh, and rexec to hosts within the io.org
> domain while allowing connections to all other services from anywhere in the
> world.
Yes, that sounds like a good idea to me. I'm toying with the idea
of disallowing rlogin and rsh connections from outside the io.org
domain and forcing users to supply passwords through a telnet
connection. Is there anything wrong with his idea? I know users will
kick and scream about it, but I can't think of any reason other than
security vs. convenience issues.
--
Brian Tao (BT300, taob@io.org)
Systems Administrator, Internex Online Inc.
"Though this be madness, yet there is method in't"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960226200547.28975D-100000>