The R-services has used in the good old days of (campus) wide open Unix
clusters of machines. It was used to hop from one server to the next with as
little as possible effort - it's almost the same as telnet or SSH - it gives
you a shell (or executing a command). Nowadays it is not very common to find
Unix servers with r login or r shell ports open. R shell is basically an
extension of r login- R shell will execute a command after logging in with
the username and password specified. For the purposes of this document we
can see r loginand rs has the same. These two services are protected by the
".rhosts" file(s). These files reside in a user directory and contain the IP
numbers (or DNS names) and usernames on the remote machines that could
assume control on the local machine.
But heck - I am not here to explain how rloginand rshworks - the only
thing that needs to be said here is that you could also try to get into a
machine using it. It works much the same as telnet - all the same principles
apply- try getting usernames etc. Sometimes rloginis used in conjunction
with other tricks - if you can get a "+ +" (allow anyone from anywhere) in
the .rhostfile you are made - see the X11 section.
clusters of machines. It was used to hop from one server to the next with as
little as possible effort - it's almost the same as telnet or SSH - it gives
you a shell (or executing a command). Nowadays it is not very common to find
Unix servers with r login or r shell ports open. R shell is basically an
extension of r login- R shell will execute a command after logging in with
the username and password specified. For the purposes of this document we
can see r loginand rs has the same. These two services are protected by the
".rhosts" file(s). These files reside in a user directory and contain the IP
numbers (or DNS names) and usernames on the remote machines that could
assume control on the local machine.
But heck - I am not here to explain how rloginand rshworks - the only
thing that needs to be said here is that you could also try to get into a
machine using it. It works much the same as telnet - all the same principles
apply- try getting usernames etc. Sometimes rloginis used in conjunction
with other tricks - if you can get a "+ +" (allow anyone from anywhere) in
the .rhostfile you are made - see the X11 section.
No comments:
Post a Comment