No I was able to login in locally even though there was NO /bin/login I did a find / -name login and found it in /usr/lib/heimdal/bin and it may not be the one from /bin but it works, I am login in via ssh, now and have quit using telnet, but is there a way to ssh in windows? I am going to reload this weekend (suse 7.2) because there may be some back doors so no worries Brandon Caudle -------------- 15yr Old Avid Unix User (HP-UX,FreeBSD,Linux) Larkhaven Golf Course Charlotte, NC "There cannot be a crisis next week. My schedule is already full." -- Henry Kissinger ----- Original Message ----- From: <dog@intop.net> To: "Brandon Caudle" <bcaudle@hotmail.com> Cc: "Suse" <suse-linux-e@suse.com> Sent: Friday, August 31, 2001 10:44 AM Subject: Re: [SLE] /bin/login missing
i dont think /bin/login is missing or else you would not even be able to login locally. i would use ssh rather than telnet anyway and im sure you have been told that by others. telnet just isnt secure. if you must run it, dont allow everyone access to it. for example, i can do telnet ns1.larkhavengolf.com and get a login prompt. of course i dont have an account so i cant login but i could attempt to and if i knew email addresses for users on your system, i would have a good starting point (all i would have to do is guess a password). while ssh does exactly the same thing as telnet, at least its encrypted. here are some basic security tips...
1. dont run any services you dont need i believe you are running apache, sendmail, bind, telnet, pop3, ssh and ftp 2. only allow access to certain services based on ip addresses. make use of /etc/hosts.allow for this, especially for things like telnet, pop3, sshd and ftp 3. do not, please, run samba on your valid ip address. you can setup which interface to listen on in /etc/smb.conf. its fine to listen on the local lan address, but having port 139 open on the wan address is dangerous. 4. keep up with updates. especially on things like bind and sendmail and ftp and telnet. 5. run a port scan of your machine and see what all shows up. is there anything there you didnt know was running? if so, shut it down 6. pick a good root password, one that is at least 8 characters long with weird things like ? and ^ in it along with lower and uppercase letters. 7. dont allow users to have shells on your system if they dont need them. ftp and pop3 both work without the user having a valid shell. the only reason someone needs a shell is if they want to do is check email and store files with ftp. you can eliminate their shell by changing /bin/bash to /bin/false after their username in /etc/passwd 8. remove unneccessary accounts from /etc/passwd. things like codadmin and such. suse is notorious for loading up the /etc/passwd file with junk accounts.
these are just suggestions, things i do to make our servers more secure. i have seen lots of people throw up a linux box on the internet and it get hacked right away because of something minor that was overlooked and all of a sudden the guys in suits that make all the decisions decide that they should use NT because it is more secure (or at least thats what the high paid consultants who come in tell them) I not saying this would happen to you, just that i have seen it happen before and you seem pretty new to this so I just wanted to give you some advice.
On Wed, 29 Aug 2001, Brandon Caudle wrote:
Hey Everyone, Recently, I have been unable to telnet into my machine (Suse 7.2). This is because /bin/login is missing, (I am very suspious about this) So how do I go about replacing it?
Thanks,
Brandon Caudle -------------- 15yr Old Avid Unix User (HP-UX,FreeBSD,Linux) Larkhaven Golf Course Charlotte, NC
"There cannot be a crisis next week. My schedule is already full." -- Henry Kissinger
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com