Enabling telnet, ftp, pop3 for root... - Security

This is a discussion on Enabling telnet, ftp, pop3 for root... - Security ; Hello, I am wanting to enable root to be able to establish a telnet, ftp, and pop3 sessions. Yes, I know that in 99.9% of situations, this would be thought of as "bad", however I have a 00.1% situation where ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: Enabling telnet, ftp, pop3 for root...

  1. Enabling telnet, ftp, pop3 for root...

    Hello, I am wanting to enable root to be able to establish a telnet, ftp,
    and pop3 sessions.

    Yes, I know that in 99.9% of situations, this would be thought of as "bad",
    however I have a 00.1% situation where it isn't a problem. I have two older
    computers connected only to each other. They aren't connected to the
    internet. I use them for a variety of things, including testing stuff
    (mainly html) before putting it up on a "live" computer.
    Down the road, I have a real-time control project idea, involving their
    serial ports, that I'm planning on implimenting with the two older
    computers. They won't be connected to any networks, LAN or internet. The
    "control devices" will be my PDA's.

    With my "real" computers, I do ssh to connect as root and just .forward
    root's mail to a regular userid so it can be pop3'd, but with two
    point-to-point older computers it is no problem to have them wide open.
    Keeping them wide open will make things easier and plus, I would like to
    gain knowledge of what exactly is blocking root from telneting/ftp/pop3 in.

    Again, I know this is "bad". I'm well aware of that. (Although in this
    situation it really makes no difference.) Did some deja/web searches on
    this, but all of them disintegrate into a "Don't do that" discussion even
    though those people were doing something in an almost identical situation.

    I've been up and down everywhere, RTFM'ing, but still can't pinpoint exactly
    what is blocking this. Starting to think that maybe there is some flag to
    pass while compiling these programs, or a line in the source that needs to
    be commented out?

    All help is most appreciated!
    TIA




  2. Re: Enabling telnet, ftp, pop3 for root...

    "Ecresa" (06-04-05 21:22:52):

    > Hello, I am wanting to enable root to be able to establish a telnet,
    > ftp, and pop3 sessions.


    This is bad!


    > I've been up and down everywhere, RTFM'ing, but still can't pinpoint
    > exactly what is blocking this. Starting to think that maybe there is
    > some flag to pass while compiling these programs, or a line in the
    > source that needs to be commented out?


    Now, to be serious, if you are really going to do this, and you are
    completely aware that you are doing sin here, then it would be very
    helpful, if you told us, which server/client programs you use and which
    concrete error message you get, when you try to connect as root.


    Regards.

  3. Re: Enabling telnet, ftp, pop3 for root...

    On Wed, 05 Apr 2006 21:22:52 +0000, Ecresa wrote:

    > Hello, I am wanting to enable root to be able to establish a telnet, ftp,
    > and pop3 sessions.


    Yet another typical dumbass Windose luser.

    Perhaps by the time you learn how to do that you will realize how truly
    stupid it is.


  4. Re: Enabling telnet, ftp, pop3 for root...

    ["Followup-To:" header set to alt.os.linux.]
    In , on Wed, 05 Apr 2006
    21:22:52 GMT, Ecresa wrote:
    > Hello, I am wanting to enable root to be able to establish a telnet, ftp,
    > and pop3 sessions.


    So do it. Enable the appropriate switch in the
    appropriate place. Since you don't narrow it down
    any further than a universal question, that is the
    universal answer.

    > With my "real" computers, I do ssh to connect as root


    Also bad. You should ssh to a user account and
    then su to root only when necessary.

    > I've been up and down everywhere, RTFM'ing, but still can't pinpoint exactly
    > what is blocking this.


    First you say you want to enable daemons, then you
    say ports are blocked. Which is it?

    > All help is most appreciated!


    Help can only be as specific as the question.

  5. Re: Enabling telnet, ftp, pop3 for root...

    On 05.04.2006, Steve Ackman wrote:
    >> With my "real" computers, I do ssh to connect as root

    >
    > Also bad. You should ssh to a user account and
    > then su to root only when necessary.


    Can you recall any argument against remote logging as root directly?
    Assume that root has strong password, connecting user has already
    successful connections with that machine and knows SSH host key and SSH2
    protocol is used.

    --
    Feel free to correct my English
    Stanislaw Klekot

  6. Re: Enabling telnet, ftp, pop3 for root...


    "Ertugrul Soeylemez" wrote in message
    news:e11evs$572$02$1@news.t-online.com...
    > "Ecresa" (06-04-05 21:22:52):
    >
    > > Hello, I am wanting to enable root to be able to establish a telnet,
    > > ftp, and pop3 sessions.

    >
    > This is bad!
    >
    >
    > > I've been up and down everywhere, RTFM'ing, but still can't pinpoint
    > > exactly what is blocking this. Starting to think that maybe there is
    > > some flag to pass while compiling these programs, or a line in the
    > > source that needs to be commented out?

    >
    > Now, to be serious, if you are really going to do this, and you are
    > completely aware that you are doing sin here, then it would be very
    > helpful, if you told us, which server/client programs you use and which
    > concrete error message you get, when you try to connect as root.
    >


    Hi,

    Thanks for taking helpful interest. Some people would think the world is
    going to end if two simple old P2's, connected directly to one another, no
    where near near the internet or a LAN touching the internet, in a private
    home, is going to end if you are able to telnet between the two as root.
    You would think, in gaining further knowledge of security alone, one would
    take an active interest in what exactly is preventing this instead of just
    chalking it up as just a "black magical box".

    All clients were able to connect, but wouldn't get authorization for a valid
    root/pass.

    Anyway, I finally found how to get it working; greping the /var/log's for
    failed outside authentications from root and then modifying /etc/securetty
    to permit those respective tty's.

    Thanks..



  7. Re: Enabling telnet, ftp, pop3 for root...

    ["Followup-To:" header set to alt.os.linux.]
    Ecresa enlightened us with:
    > Some people would think the world is going to end if two simple old
    > P2's, connected directly to one another, no where near near the
    > internet or a LAN touching the internet, in a private home, is going
    > to end if you are able to telnet between the two as root.


    You said yourself that you test stuff on that machine before putting
    it online. Don't forget to remove the open root access before that
    time!

    Besides, I think logging in as root through SSH using public key
    authentication (hence no typing of passwords) is easier than using
    telnet and logging in as root. So SSH is easier and more secure.

    Sybren
    --
    The problem with the world is stupidity. Not saying there should be a
    capital punishment for stupidity, but why don't we just take the
    safety labels off of everything and let the problem solve itself?
    Frank Zappa

  8. Re: Enabling telnet, ftp, pop3 for root...

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Ecresa sent the following transmission through subspace:

    > Some people would think the world is
    > going to end if two simple old P2's, connected directly to one another, no
    > where near near the internet or a LAN touching the internet, in a private
    > home, is going to end if you are able to telnet between the two as root.


    According to most movies, any computer can be hacked from the internet
    even thou they do not have any networking installed.
    Even computers with NO POWER can be hacked from the internett
    an all files can be copied.
    .....According to Hollywood.

    You didnt know? :-)=

    - --
    Solbu - http://www.solbu.net
    Remove 'ugyldig' for email
    PGP key ID: 0xFA687324
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.2 (GNU/Linux)

    iD8DBQFEPb13T1rWTfpocyQRAjV9AKDEMjlU0N/HUX0OQ0GpnFYJYhkimgCfeHav
    75zzcrVF2VN34rDi50KnSSA=
    =8dT1
    -----END PGP SIGNATURE-----

+ Reply to Thread