Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
11-09-2006, 11:08 PM
|
#1
|
LQ Newbie
Registered: Oct 2006
Posts: 9
Rep:
|
ruptime and rwhod?
Are there any known issues with starting rwhod on multiple UNIX systems on a network...? I.e. if I get hacked on one system does the hacker own me and my systems/network?
-KJ
Last edited by keith johnson; 11-09-2006 at 11:13 PM.
Reason: misstakenly pressed enter
|
|
|
11-10-2006, 04:18 PM
|
#2
|
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
|
cve.mitre.org lists a few historical vulnerabilities for rwhod, but nothing recent. In general it's never a good idea to run any network service unless you absolutely need it. The more services you run, the higher the possibility is that one will have a vulnerability and the more things you have to worry about patching right away.
If you did run rwhod on all your machines and an attacker was able to compromise one of them through an exploit of rwhod, it is extremely likely that they would systemically take over every other machine on your network that was running the service.
|
|
|
11-16-2006, 07:20 PM
|
#3
|
LQ Newbie
Registered: Oct 2006
Posts: 9
Original Poster
Rep:
|
Very logical...
In my case I am looking for a way to monitor (some) real systems that are split up into (numerous) virtual systems.
any-who I am trying to have each system watch the other(s) with the least downside and no extra costs (real dollar, and risk)
I currently use a simple ping script that I wrote but it is not as good as I would like and it is not giving the data that ruptime returns that would be very helpful
For example is my app working when I think it should at any given time of the day
I tested rwho between my dev and another system temporally before posting my first post. And it returned all my active cron jobs with owner and job name a crossed the two systems. Thus with some parsing I can make a simple tool to monitor if the system peers are working as they should.
any ideas on what else to look at?
|
|
|
11-16-2006, 07:22 PM
|
#4
|
LQ Newbie
Registered: Oct 2006
Posts: 9
Original Poster
Rep:
|
... i.e. in the UNIX tool box...?
|
|
|
11-18-2006, 12:29 PM
|
#5
|
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
|
Use ssh in with private keys that do not have passphrases. Of course, you'll want those accounts to not have privileges to modify anything on the system, but they could get uptime, load, running processes, etc.
|
|
|
All times are GMT -5. The time now is 04:49 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|