I guess I'd reference dsniff right about now. Physical access makes it easier, but it is not required. ---------------------------------------------------------------------------- ----------- http://www.monkey.org/~dugsong/dsniff/faq.html#What%20is%20dsniff 1.1. What is dsniff? dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI. ---------------------------------------------------------------------------- ----------- Besides, why use telnet when you can use the other features of ssh, scp,sftp, x11fowarding, etc? after a while, ssh just seems to be more useful than telnet for interactive access to a system anyhow. Actually, I doubt many recommend the ability to ssh directly either. I know I do not recommend setting systems up this way. Always come in as a non-privileged user and then "su". wilson -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Shekhar Dhotre Sent: Friday, August 25, 2006 10:12 AM To: Bliss, Aaron; General Red Hat Linux discussion list Subject: RE: Permit root login for telnet.. OK , no one has access to network room here than Coms guys . Even I cannot go in as I am in Unix/Storages group. Our comm. guys are not interested in checking our passwords. Also they have access to most of the prod switches, so they are trusted by the business. Again not a risk . -----Original Message----- From: Bliss, Aaron [mailto:ABliss@xxxxxxxxxxxxxxxxx] Sent: Friday, August 25, 2006 9:44 AM To: Shekhar Dhotre; General Red Hat Linux discussion list Subject: RE: Permit root login for telnet.. Sure, just turn on ethereal, plug into the span port on the switch. Very straight forward; there are even software based packet sniffers than can sniff past switches. Aaron -----Original Message----- From: Shekhar Dhotre [mailto:sdhotre@xxxxxxxxxxxx] Sent: Friday, August 25, 2006 9:25 AM To: Bliss, Aaron; General Red Hat Linux discussion list Subject: RE: Permit root login for telnet.. Again that's all good . But, can you tell me how to see password of other sysadmin if he is accessing system via telnet? -----Original Message----- From: Bliss, Aaron [mailto:ABliss@xxxxxxxxxxxxxxxxx] Sent: Friday, August 25, 2006 9:22 AM To: Bliss, Aaron; Shekhar Dhotre; General Red Hat Linux discussion list Subject: RE: Permit root login for telnet.. Telnet is also vulnerable to man in the middle attacks and ssh offers post authentication; telnet does not. Aaron -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Bliss, Aaron Sent: Friday, August 25, 2006 9:13 AM To: Shekhar Dhotre; General Red Hat Linux discussion list Subject: RE: Permit root login for telnet.. Telent is a clear text protocol; ssh isn't. -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Shekhar Dhotre Sent: Friday, August 25, 2006 9:11 AM To: General Red Hat Linux discussion list Subject: RE: Permit root login for telnet.. I have used telnet before ssh came in to the market . Do you know how to hack telnet ? or break a root password without having physical access to the system ? most likely the answer will be - NO .. so what's the big deal in ssh vs. telnet ? -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Greg Golin Sent: Friday, August 25, 2006 2:12 AM To: General Red Hat Linux discussion list Subject: Re: Permit root login for telnet.. Dear Arun, You do NOT want to enable root login via telnet - trust me on this one. Please tell the list what you are trying to accomplish - 99.9% chance is that whatever you are trying to do can, and should be done via ssh. Kind Regards, Gregory Golin Systems Admin On 8/24/06, Arun Williams <perks_williams@xxxxxxxxxxx> wrote: > How can i enable root login for telnet.... > > I tried editing /etc/pam.d/login .... but no use > > > ____________________________ > Regards > A.Williams > IN THIS WORLD FULL OF DREAMS AND IMAGINATION, LOOK FOR POSSIBILITIES... > > > > > --------------------------------- > Here's a new way to find what you're looking for - Yahoo! Answers > Send FREE SMS to your friend's mobile from Yahoo! Messenger Version 8. Get it NOW > -- ------------------------------------------------------------------------------ Notice: This e-mail message, together with any attachments, contains information of Merck & Co., Inc. (One Merck Drive, Whitehouse Station, New Jersey, USA 08889), and/or its affiliates (which may be known outside the United States as Merck Frosst, Merck Sharp & Dohme or MSD and in Japan, as Banyu - direct contact information for affiliates is available at http://www.merck.com/contact/contacts.html) that may be confidential, proprietary copyrighted and/or legally privileged. It is intended solely for the use of the individual or entity named on this message. If you are not the intended recipient, and have received this message in error, please notify us immediately by reply e-mail and then delete it from your system. ------------------------------------------------------------------------------ -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
