Re: rshd gives away usernames

Christophe Kalt (kalt@STEALTH.NET)
Sat, 14 Jun 1997 18:22:02 -0400

ssh also has this problem.

The line "Remote: Rhosts/hosts.equiv authentication refused:
client user 'kalt', server user 'kalt', client host
'millennium.stealth.net'." only appears when the account
exists. (need to run in verbose mode)

This might not be the case if the remote sshd doesn't allow
this particular kind of authentication. I didn't check for
other schemes.

On Jun 13, David Holland wrote:
| Try 'rsh victimhost -l realuser' and 'rsh victimhost -l nosuchuser'.
| The error reported is different.
|
| Therefore, it's possible to determine which account names are valid.
| This is an issue only for particularly paranoid sites that probably
| already have rshd disabled, but I thought it would be worth issuing a
| warning anyway.
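The mitigation for the leak described in this thread is to make the server's answer independent of whether the account exists: evaluate every check before replying and send the client one uniform refusal, keeping the distinguishing detail in the server's own log. The following is an added illustration, not code from rshd, sshd or either poster; `known_users`, `trusted_hosts` and both function names are constructed stand-ins for the real password-file and hosts.equiv lookups.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed lookup tables standing in for getpwnam() and hosts.equiv. */
static const char *known_users[]   = { "kalt", "dholland" };
static const char *trusted_hosts[] = { "millennium.stealth.net" };

static bool user_exists(const char *user) {
    for (size_t i = 0; i < sizeof known_users / sizeof *known_users; i++)
        if (strcmp(known_users[i], user) == 0) return true;
    return false;
}

static bool host_trusted(const char *host) {
    for (size_t i = 0; i < sizeof trusted_hosts / sizeof *trusted_hosts; i++)
        if (strcmp(trusted_hosts[i], host) == 0) return true;
    return false;
}

/* Leaky pattern (the behaviour the thread describes): the account lookup
 * fails early with one message, and the host check produces another, so
 * the client can tell a missing account from a refused host. */
const char *leaky_auth_message(const char *user, const char *host) {
    if (!user_exists(user))
        return "Permission denied.";
    if (!host_trusted(host))
        return "Rhosts/hosts.equiv authentication refused.";
    return "OK";
}

/* Hardened pattern: run both checks unconditionally (no early exit, so
 * neither the message nor the amount of work depends on account existence),
 * log the detail server-side, and return a single refusal string. */
const char *uniform_auth_message(const char *user, const char *host) {
    bool u = user_exists(user);
    bool h = host_trusted(host);
    if (u && h)
        return "OK";
    /* Detail is useful to the administrator, so it goes to the server log. */
    fprintf(stderr, "auth refused: user='%s' exists=%d host='%s' trusted=%d\n",
            user, u, host, h);
    return "Permission denied.";
}

int main(void) {
    const char *h = "untrusted.example";   /* constructed client host */
    printf("leaky:   kalt -> %s\n", leaky_auth_message("kalt", h));
    printf("leaky:   nosuchuser -> %s\n", leaky_auth_message("nosuchuser", h));
    printf("uniform: kalt -> %s\n", uniform_auth_message("kalt", h));
    printf("uniform: nosuchuser -> %s\n", uniform_auth_message("nosuchuser", h));
    return 0;
}
```

The leaky version answers differently for `kalt` and `nosuchuser` from the same untrusted host; the uniform version answers identically in both cases and only succeeds when the account exists and the host is trusted.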