Page 1 of 1
RSH service
Posted: 12 Apr 2014 11:40
by sunder.J
Hi,
One of our customer has asked us to disable the "RSH - remote shell service" as this is a vulnerability as per their policy. Request help and comments to overcome this. Also does enabling security feature in OXE help to over come this .
Regards,
Sunder.J
Re: RSH service
Posted: 12 Apr 2014 14:57
by tgn
rsh cannot turned of (because it's needed by some equipment like pcs)
the oxe trusted hosts feature takes care of it (a little bit). much more configurable and transparent in used rules is an external firewall. ask your customer which kind of security feature he'll prefer...
regards...
Re: RSH service
Posted: 15 Apr 2014 10:13
by sunder.J
Thanks for your reply. If PCS or spatial CS is not there will turning on trusted host suffice.Also Is there any document from ALE on this.
Regards,
Sunder.J
Re: RSH service
Posted: 17 Apr 2014 17:39
by tgn
there is a little bit description in "system documentation/security/detailed description"
search for "trusted host" there.
if you don't trust this table. you can look also in the configuration files of the tcp-wrapper ("hosts.allow", "hosts.deny", etc...) which is in use by the trusted host feature.
regards...
Re: RSH service
Posted: 16 May 2014 10:57
by sunder.J
Enabling SSH feature , disables rsh feature. You can check rsh status under location.
/etc/xinetd.d/rsh
Re: RSH service
Posted: 16 May 2014 12:35
by tgn
yes. this will work too. but now a 8770/4760 needs an extra license to connect.
regards...