Content deleted Content added
Rescuing 1 sources and tagging 0 as dead.) #IABot (v2.0.9.5 |
|||
Line 88:
* The .rlogin (or .rhosts) file is easy to misuse. They are designed to allow logins without a [[password]], but their reliance on remote usernames, hostnames, and IP addresses is exploitable. For this reason many corporate system administrators prohibit .rhosts files, and actively scrutinize their networks for offenders.
* The protocol partly relies on the remote party's rlogin client to provide information honestly, including source port and source host name. A corrupt client is thus able to forge this and gain access, as the rlogin protocol has no means of [[Authentication|authenticating]] other machines' identities, or ensuring that the requesting client on a trusted machine is the real rlogin client.
* The common practice of mounting users' home directories via
Due to these problems, the r-commands fell into relative disuse (with many Unix and [[Linux]] distributions no longer including them by default). Many networks that formerly relied on rlogin and telnet have replaced them with [[Secure shell|SSH]] and its rlogin-equivalent ''slogin''.<ref name="Sobell">{{cite book|last=Sobell|first=Mark|title=A Practical Guide to Linux Commands, Editors, and Shell Programming|isbn=978-0-13-136736-4|date=2010|publisher=Pearson Education, Inc}}</ref><ref name="iu">{{cite web|title=Unix job control command list|publisher=Indiana University|url=https://kb.iu.edu/d/afnw|accessdate=20 December 2014}}</ref>
| |||