Rsh works one direction

Darrin Chandler dwchandler at stilyagin.com
Mon Jan 2 08:37:23 MST 2006


Roderick Ford wrote:

> Okay Darrin,
> I do have a question for you.
> Is rsh bad for security on an internal LAN if the members of the LAN 
> are  fully trusted?
>
> The situation is this: I use ssh as my PVM_RSH already for the Linux  
> boxes, but am trying to pull in the childrens' Windows (please excuse 
> the  bad language) boxes using PVM3.4.  So if my 5 year oldest child 
> wants to  hack into my internal boxes via the insecurities of RSH, 
> then I will  encourage him to do so at my expense, for his 
> experience.  However, behind  my firewall that gives me some sense of 
> security, is rsh still a external  network risk?

If the internal hosts are "fully trusted" then you have no need of any 
security at all. But just because you trust your kids doesn't mean you 
should trust the computers they use. Firewalls won't stop an exploit 
using http protocol, or emailed viruses, etc. Once something does get 
inside then you'd be quite vulnerable. Common exploits these days are 
Windows-only, and wouldn't ever give your linux computer any trouble no 
matter how open it was. Unless someone gets in and starts looking around 
inside your home network you're probably okay (it's quite possible).

Perhaps the risk is worth it to you. The "cost" of a compromised linux 
box might be only a reinstall for you. I wouldn't do it, but then I'm 
paranoid. I do online banking. I'd hate to have someone install a 
keylogger on my boxen!

-- 
Darrin Chandler
dwchandler at stilyagin.com
http://www.stilyagin.com/



More information about the PLUG-discuss mailing list