COMMAND

    R-Commands

SYSTEMS AFFECTED

    Packet filtering firewalls and  routers that are vulnerable  to IP
    Spoofing,  and  machines  on  the  local, inside network that have
    r-commands enabled.

PROBLEM

    The  "Berkley  R-commands"  allow  one  to  gain access to another
    machine without using  a password.   This was implemented  so that
    passwords were  not transmitted  in the  clear.   The commands are
    based on a system of "trusted  machines."  A system of trust  that
    should NOT  be trusted,  as it  is easy  to fool  (see IP Spoofing
    vulnerability).  An intruder can  possibly gain root access to  an
    machine through the use of  these commands in conjunction with  IP
    Spoofing.

SOLUTION

    Disable ALL r-commands.   To protect against password  sniffing on
    the network, use SSH, or use  a One Time Password scheme (such  as
    BellCore's S-Key)