Rsh works one direction
Darrin Chandler
dwchandler at stilyagin.com
Mon Jan 2 08:37:23 MST 2006
Roderick Ford wrote:
> Okay Darrin,
> I do have a question for you.
> Is rsh bad for security on an internal LAN if the members of the LAN
> are fully trusted?
>
> The situation is this: I use ssh as my PVM_RSH already for the Linux
> boxes, but am trying to pull in the childrens' Windows (please excuse
> the bad language) boxes using PVM3.4. So if my 5 year oldest child
> wants to hack into my internal boxes via the insecurities of RSH,
> then I will encourage him to do so at my expense, for his
> experience. However, behind my firewall that gives me some sense of
> security, is rsh still a external network risk?
If the internal hosts are "fully trusted" then you have no need of any
security at all. But just because you trust your kids doesn't mean you
should trust the computers they use. Firewalls won't stop an exploit
using http protocol, or emailed viruses, etc. Once something does get
inside then you'd be quite vulnerable. Common exploits these days are
Windows-only, and wouldn't ever give your linux computer any trouble no
matter how open it was. Unless someone gets in and starts looking around
inside your home network you're probably okay (it's quite possible).
Perhaps the risk is worth it to you. The "cost" of a compromised linux
box might be only a reinstall for you. I wouldn't do it, but then I'm
paranoid. I do online banking. I'd hate to have someone install a
keylogger on my boxen!
--
Darrin Chandler
dwchandler at stilyagin.com
http://www.stilyagin.com/
More information about the PLUG-discuss
mailing list