Re: I think, rsh is quite obsolete

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Nov 14, 2006 at 12:40:10AM +0100, Krzysztof Halasa wrote:
> Just as with NFS for example. Is NFS evil too?

Basic NFS is pretty evil. Totally insecure.

> > It won't work with firewalls.
> 
> Of course it does. It can't work with dynamic NATs as it uses IP
> (and reserved TCP port) for access check but rsh is just a simple
> TCP connection to a well-known port.

The rsh protocol requires the server to make a second TCP connection back
to a low-numbered ephemeral port specified by the client, for the stderr
channel. If you haven't got a stateful, inspecting firewall, you're hosed.

-- 
The crew of the Enterprise encounter an alien life form which is
suprisingly neither humanoid nor made from pure energy.
    -- Things That Never Happen in "Star Trek" #22

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux