I think, rsh is quite obsolete
Dave Mitchell
davem at iabyn.com
Tue Nov 14 00:56:30 UTC 2006
On Tue, Nov 14, 2006 at 12:40:10AM +0100, Krzysztof Halasa wrote:
> Just as with NFS for example. Is NFS evil too?
Basic NFS is pretty evil. Totally insecure.
> > It won't work with firewalls.
>
> Of course it does. It can't work with dynamic NATs as it uses IP
> (and reserved TCP port) for access check but rsh is just a simple
> TCP connection to a well-known port.
The rsh protocol requires the server to make a second TCP connection back
to a low-numbered ephemeral port specified by the client, for the stderr
channel. If you haven't got a stateful, inspecting firewall, you're hosed.
--
The crew of the Enterprise encounter an alien life form which is
suprisingly neither humanoid nor made from pure energy.
-- Things That Never Happen in "Star Trek" #22
More information about the fedora-devel-list
mailing list