LINUX r Services

by Andreas Schmidt.

	Tweet
Share	\|

Homepage | Submit your article | Contact | TOS

More articles on linux

You are here: Categories » Computers and technology » Linux

rlogind and rshd are the remote login and remote shell daemon. These so-called r services use TCP ports 513 and 514, respectively. The RLOGIN protocol is described in RFC 1282 and RSH in RFC.

The r services were developed at Berkeley to provide seamless ("Look, Ma—no password") authentication between trusted hosts and/or users.

Authentication between client and server is based on the client IP address, TCP port, and client username. The client IP address and username must match an entry in either the system-wide trusted hosts file (/etc/hosts.equiv), or a user trust file (~/.rhosts). An additional so-called safeguard is that the client connection must originate on a reserved TCP port—as only programs running with root privilege can do.

The r services are very popular with end-users and administrators, as manual entry of the password is not required (unlike with TELNET). Unfortunately, they are terminally insecure.

r Services Risks

Security of the r services is based on an extremely weak authentication model.

Authentication is based on weak credentials, the source IP and TCP port. The source IP and TCP port can be forged. The original designers assumed a trusted network. Even the UNIX man page for these commands recognizes this fact.

Combined with predictable sequence numbers, crackers had a field day with these services.

The following post gives a line-by-line account of a real hack where the weakness of rsh was exploited: http://www.cs.berkeley.edu/~daw/security/shimo-post.txt

Countermeasures

Avoid the r-services totally—switch to SSH. This protocol is just plain broken from a security perspective. Expend your security efforts on bigger rocks (for example, host hardening and security patching).

Leave a comment or ask a question

Total comments: 0

Disclaimer

The e-articles directory is not responsible for any and all copyright infringements by writers and authors. If you suspect the information contained by this page for any copyright infringements, please contact us to investigate the issue

History of KDE - In 1996, Matthias Ettrich posted a now famous newsgroup post that described some of the problems that he had with the Unix Desktop. Unix popularity grows thanks to the (more...)

History of Kubuntu - When Ubuntu was first being discussed there were rumors that it would be only based on GNOME, and KDE would be left out. Jonathan Riddell, a KDE developer, posted an article on his (more...)

Installing Kubuntu - Installing Kubuntu is just like installing Ubuntu. It is pretty much a snap. Let's start with where you find it. Where to Find Kubuntu Kubuntu is available a (more...)

Root iNode Corruption Cause Data Loss in Linux - Article contains information over root I node corruption failure causes data loss. Article also contains recovery solution for all kind of data loss in linux. In Linux and other Unix-like o (more...)

Short History of Ubuntu - Born in April 2004, a history of Ubuntu may seem premature. However, the last years have been full ones for Ubuntu. With its explosive growth, it is difficult even for those involv (more...)

Free Open source Software and GNU Linux - Free Software and GNUIn a series of events that have almost become legend through constant repetition, Richard M. Stallman created the concept of "free software" in 1983. Stallman grew (more...)

Choose an Ubuntu Version - The developers behind Ubuntu have worked to make the software as easy and flexible to install as possible. They understand that people will be installing Ubuntu on different types of computers (more...)

Customize Ubuntu Look and Feel - Changing the Background To change the background of your desktop right-click it and select Change Desktop Background. Inside the dialog box that appears, choose yo (more...)

Configuring a Printer in Ubuntu - In the Linux world, configuring a printer has traditionally been a challenge. For years, newcomers to Linux have been repeatedly challenged and even bludgeoned with terms, commands, and phrases (more...)

Working with Windows from inside Ubuntu - Although the Linux platform offers an increasingly compelling platform for the desktop, there are sometimes situations when there is just no alternative application available. This is often the (more...)

free content

Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.