RE: Custom messages for failed ROOT logins on RedHat

From: Carr, Aaron [CNTUS] (CarrA@Centocor.com)
Date: 09/21/01


Message-ID: <A9E1BAD3D18AD411873900508B63C65E01F438B3@M1NTDC42>
From: "Carr, Aaron [CNTUS]" <CarrA@Centocor.com>
To: "'netnerd'" <nkav@tpg.com.au>, focus-linux@securityfocus.com
Subject: RE: Custom messages for failed ROOT logins on RedHat
Date: Fri, 21 Sep 2001 09:18:46 -0400

Here are a couple things.

First /etc/rc.d/init.d/telnetd stop
Next rpm -e telnet-server
Next Install SSH

Also, just a personal opinion....While the thought of having custom error
messages for failed logon attempts, and failed port connection attempts
might sound cool and fun now....chances are that eventually you're going to
end up pissing someone off to the point that they will wait and watch until
a new exploit comes out and nail you just because you hurt their feelings.
I'm saying that it's right, or that it's justified, just that it's probably
true. When you tell someone they can't do something, they become far more
determined to do so.

That's just my .02 cents.

Aaron Carr, CCNA, MCSE
Technology Integration
Systems and Process Support
Clinical Research and Development
(610)651-7321 (Voice)
(610)651-6242 (Fax)
(215)431-3133 (Mobile)
8779900973@skytel.com (Text Pager)
 

-----Original Message-----
From: netnerd [mailto:nkav@tpg.com.au]
Sent: Tuesday, September 18, 2001 11:18 AM
To: focus-linux@securityfocus.com
Subject: Custom messages for failed ROOT logins on RedHat

Hi, just curious if it's possible to get PAM or TCP Wrappers... or anything
else for that matter, to give me a custom error message, like:
  "go away & stop trying to login as root"
When idiots try telnetting into my box. I know it's possible to use TWIST
with tcpd, but I don't want it to be host based! I just want it to happen
when someone from any address tries to login as root.
Is it possible to get PAM to return custom error messages??
Any help/suggestions/flames appreciated

netnerd


