HPE Community
Operating System - Linux
1826396 Members
3731 Online
109692 Solutions
New Discussion

Re: Question about monitoring

 
Daniel Schneider
Advisor

‎02-06-2002 12:29 AM

‎02-06-2002 12:29 AM

Question about monitoring

Hi all,
I have a problem with an application, which runs on unix-server. The front-end is used by a windows client, who connects with rexec. Now there is something wrong with login: A user who is known in the password list, and who is able to login in unix, cannot login with the client via rexec. I thin in the login procedure of the clientsoftware it looks in a file with further login information specific from the server application.
How can I monitor, which files will be asked or searched while logging in with the clientsoftware?

Thanks for all help!!

Best regards
Daniel :-)
0 Kudos
Reply
2 REPLIES 2
harry d brown jr
Honored Contributor

‎02-07-2002 06:15 AM

‎02-07-2002 06:15 AM

Re: Question about monitoring

With rexec you need to open the /etc/services file for exec.

As for watching a process to determine what files it has open, use "lsof".

live free or die
harry
Live Free or Die
0 Kudos
Reply
Kodjo Agbenu
Honored Contributor

‎02-08-2002 02:22 PM

‎02-08-2002 02:22 PM

Re: Question about monitoring

Hello,

I did the test, and found significant difference between REXEC.EXE and RSH.EXE.

My NT box is named "kikik83", the Linux machine is "babasse".

My login on NT is "agbenu", while on Linux it is "kodjo".

On Linux, the .rhosts file in my home directory (/home/kodjo) contains only the following line :

kikik83 agbenu


Then from the NT box, I did the following tests :

-> With "REXEC.EXE babasse ls", it asks for username (kodjo) and password (Linux one). Then it succeeds if I type the Linux user/pass.

-> With "REXEC.EXE babasse -l kodjo ls", it only asks for the Linux password, then succeeds.

-> With "RSH.EXE babasse ls", it doesn't ask for anything, but fails with "Permission denied.". I guess the username automatically submitted by RSH.EXE is not the right one (agbenu instead of kodjo).

-> With "RSH.EXE babasse -l kodjo ls", it succeeds without asking for username or password.


Therefore, my conclusion is :

* REXEC.EXE should be reserved for interactive tasks, where the username and password can be typed on demand.

* RSH.EXE is better for batch, but anybody on the network could just use your NT hostname/IP and type "-l your_linux_login_name" to get access to your Linux account. It is a security hole !


Good luck.


Kodjo

Learn and explain...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.