gbarnet@uswnvg.UUCP (Gary Barnette) (06/26/91)
I would like to know how some sites handle the incredible security hole opened up when a system crashes or a system is down for scheduled maintenance. A PC with the rsh command or a workstation can change its IP address and reboot, effectively masquerading as the downed multi-user machine. It can then perform rlogins or rshs as ROOT (or another user) to any other multi-user unix system that has the downed system in its .rhosts file.

I know that this is not a new problem and the removal of the .rhosts files would prevent it, but as an administrator I don't know if I want to be a victim of my own policy.

Would Kerberos cure this security illness?

Thanks to all that contribute,

Gary Barnette
US West NewVector
{uunet, sequent}!uswnvg!gbarnet
jik@cats.ucsc.edu (Jonathan I. Kamens) (06/26/91)
In article <925@uswnvg.UUCP>, gbarnet@uswnvg.UUCP (Gary Barnette) writes:
|> Would Kerberos cure this security illness?

Yes.

--
Jonathan Kamens
jik@CATS.UCSC.EDU
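Added example, not part of either post: a small Python audit that parses .rhosts / hosts.equiv text and ranks the entries that grant the address-based trust described in the question, so an administrator can see which accounts depend on a host's address alone. The function names, severity labels and sample file contents are constructed for illustration, and `#` comment handling is an assumption that not every rsh implementation shares.

```python
"""Audit .rhosts / hosts.equiv text for entries that grant address-based trust."""

# Constructed sample of a root-owned .rhosts file (hostnames are placeholders).
SAMPLE_RHOSTS = """\
# trusted build hosts
bigvax.example.com
bigvax.example.com operator
+
-oldhost.example.com
pc12.example.com +
"""

def parse_entry(line):
    """Return (host, user) for one entry, or None for blank/comment lines."""
    line = line.split("#", 1)[0].strip()   # assumption: '#' starts a comment
    if not line:
        return None
    fields = line.split()
    return fields[0], (fields[1] if len(fields) > 1 else None)

def audit(text, owner):
    """Return a list of (severity, entry, reason) for entries granting access.

    owner is the local account the file belongs to ("root" for /.rhosts).
    """
    findings = []
    for raw in text.splitlines():
        entry = parse_entry(raw)
        if entry is None:
            continue
        host, user = entry
        shown = host if user is None else f"{host} {user}"
        if host.startswith("-") or (user or "").startswith("-"):
            continue                        # deny entry: grants nothing
        if host == "+":
            findings.append(("critical", shown, "any host is trusted"))
        elif user == "+":
            findings.append(("critical", shown, "any remote user is trusted"))
        elif owner == "root":
            findings.append(("high", shown,
                             "root login trusted on source address alone"))
        else:
            findings.append(("medium", shown,
                             "login trusted on source address alone"))
    return findings

if __name__ == "__main__":
    for severity, entry, reason in audit(SAMPLE_RHOSTS, "root"):
        print(f"{severity:8} {entry:32} {reason}")
```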