Home page logo
/

bugtraq logo Bugtraq mailing list archives

Yet more Rconsole.
From: jb () PRIMENET COM (JB)
Date: Fri, 9 Oct 1998 15:00:12 -0700


Ok, heres a very simple solution:  Buy a switch.

If an administrator is careless enough to rconsole to their server from
a shared hub, where there might be someone sniffing them, then expect
what you get.  I can understand the "price" problem of buying a switch
vs. a hub, however, IMO it's a small price to pay for not having to
drive out to a remote site to access my server console.  Also, here is
the best way to setup (IPX/SPX) rconsole on Netware 4.x:

At the server prompt:

SERVER:load remote

Enter a password for rconsole> <password>
SERVER:load rspx
SERVER:remote encrypt


Enter a password to encrypt
<password>
To use this password use the command:

     Load REMOTE -E ABCDE12345

Would you like this command written to SYS:SYSTEM\LDREMOTE.NCF (y/n) <y>
SERVER:load edit ldremote.ncf

In the ldremote.ncf file, you will see the command line from above.
Add the line "LOAD RSPX" underneath the Load REMOTE line.  Save the file.

SERVER:load edit autoexec.ncf

Remove any previous references to remote.nlm.
Add a line near the bottom (wherever is appropriate for you):
"ldremote"  (without the quotes of course).  Save the file.

That's it.  Just make sure that in INETCFG, under
Manage Configuration/Configure Remote Access To This Server,
"Remote Access" is set to Disable.

All of this will keep your encrypted password off the public wire,
and warm and cozy in the SYS:SYSTEM directory, where it should be.


Justin Bodlander
Network Systems Engineer
Mesa Public Schools, Mesa, AZ.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]