|
Pretty rexec is part of rsh, unencrypted ssh. Don't use it. Password
transmitted in plain text.
This is a shut it of and see if people complain kind of thing because it's
unpopular and insecure. I don't blame your auditors getting upset at this.
On Thu, Apr 21, 2016, 14:47 Rob Berendt <rob@xxxxxxxxx> wrote:
I'm getting dinged because I allow this. Don't even really know what this
is.
Uses port 512.
NETSTAT *CNN
Connection type . . . . . . : *TCP
Local address . . . . . . . : *
Local port . . . . . . . . . : 512
Current
Name User Number Type User
QTRXC00004 QTCP 430542 *BCH QTCP
Joblog does mention
RTGDTA(REXECSVR)
Does this mean it's the remote command executer? Or just one of a few
different remote command executors? IOW, does it handle PC and *x remote
commands or does it also handle SBMRMTCMD?
I see that I do not have this running on many lpars. Of course, it's
running on our main production lpar. I wonder if I'm using it now or if
was something just started a decade or so ago to help with installation of
some product which may have needed it at the time for it's installation.
Think weird stuff like WAS, Quickr, Sametime, etc. Is there an access log
which holds this stuff?
CVE-1999-0526
CVSS v2 Base Score: 10.0 HIGH
See also: http://www.kb.cert.org/vuls/id/704969
Audit report says options are:
- Disable X11 from listening on TCP ports
- Firewall X11's TCP ports
- Restrict access using xhost -
I'm thinking xhost and firewall are basically the same - restrict which IP
addresses can connect. The difference being one you do with your network
guy and the other you do with a table on your IBM i.
I get a little tired of having to authorize each user of each port
individually.
Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related
questions.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.