10-07-2010
Quote: Originally Posted by Corona688
An attacker would have to modify arbitrary files as root, or induce inetd to run and/or modify arbitrary files as root, in order to kick RCP on; if he could do that you're screwed with or without RCP.
(I don't like inetd either, but because of how complicated it makes everything, not any particular security complications. It just runs daemons, the daemons run as per usual.)
Part of security is making it hard to open a vulnerability, and enabling easy detection of newly established holes. Once your system is compromised, how hard is it to discover the trap door? An insider might put a listener on a cron somewhere so he can connect and get some sort of access without these executables, or with them renamed and running on odd ports. A Perl script could do this. You might need a port scanner to ensure you like all the listeners. Wherever you lock out the unwanted, now you need ways to ensure the lock has not been removed.
Many simple-minded or strict security audits look for these commands installed, so removal becomes a political necessity.
(For one audit, I used a binary replace to make a new shared lib with a different trap door password, as we did not have the source or a clean, compatible version! However, the install default master password was still in use!)
Last edited by DGPickett; 10-07-2010 at 01:37 PM..
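The listener check discussed in the post above, as an added example that is not part of the original thread: it parses a Linux `/proc/net/tcp` table and reports any listening socket that is not in an approved baseline, flagging the r-service ports (512-514) separately. The sample table, the baseline and the function names are constructed for illustration, and the address decoding assumes a little-endian host.

```python
import socket
import struct

LISTEN = "0A"  # state code for TCP_LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22222 1
   2: 00000000:0202 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 33333 1
   3: 00000000:2327 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1001        0 44444 1
   4: 0A00000A:0016 0B00000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 55555 1
"""

# Hypothetical approved baseline: (address, port) pairs the admin has signed off on.
BASELINE = {("0.0.0.0", 22), ("127.0.0.1", 25)}
# r-service ports that audits look for: exec 512, login 513, shell 514 (rsh, used by rcp).
R_SERVICE_PORTS = {512: "rexec", 513: "rlogin", 514: "rsh/rcp"}


def parse_listeners(text):
    """Return a sorted list of (ip, port, uid) for sockets in LISTEN state."""
    found = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 8 or fields[3] != LISTEN:
            continue                            # established or malformed rows
        hex_ip, hex_port = fields[1].split(":")
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
        found.append((ip, int(hex_port, 16), int(fields[7])))
    return sorted(found)


def audit(text, baseline=BASELINE):
    """Compare current listeners with the baseline and describe each deviation."""
    findings, seen = [], set()
    for ip, port, uid in parse_listeners(text):
        seen.add((ip, port))
        if port in R_SERVICE_PORTS:
            findings.append(f"r-service {R_SERVICE_PORTS[port]} listening on {ip}:{port}")
        elif (ip, port) not in baseline:
            findings.append(f"unapproved listener {ip}:{port} (uid {uid})")
    for ip, port in sorted(baseline - seen):    # an expected service has gone away
        findings.append(f"baseline listener missing: {ip}:{port}")
    return findings


if __name__ == "__main__":
    # On a Linux host, pass open("/proc/net/tcp").read() instead of the sample.
    print("\n".join(audit(SAMPLE_PROC_NET_TCP)) or "listeners match baseline")
```

Run from cron and diffed against the previous run, a check like this catches a renamed daemon on an odd port that a search for the `rcp` or `rsh` binaries would miss.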