Re: How do you stop !root logins from dialup connections

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Brian 'MegaZone' Bikowicz: "DTR dropout time revisited (fwd)"
• Previous message: Brian 'MegaZone' Bikowicz: "Re: Radius on an HP (fwd)"
• In reply to: Scott Henry: "How do you stop !root logins from dialup connections"
• Next in thread: Robert Hanson: "Re: How do you stop !root logins from dialup connections"

Something I've long thought would be nice, that would take care of
this, would be for ComOS to define an abstract interface between the
CPU and the outside world. Call it int0, the internal
pseudo-interface. You could define filters and attach them to int0,
and thereby control who could get access to the ComOS kernel from the
outside. This would solve the problem of having to have the same kind
of filter on every interface just to protect the portmaster or the IRX
itself.

And, if someone dialed into an async port and logged in as !root, this
could be abstracted as (or actually implemented as) telnetting across
the int0 interface into the CPU, with some fake source address that
incorporated the port number (e.g. 192.168.0.100+<portnumber>), also an
encoding of whether S0 was up or down. This would allow a high degree
of control over access to the Livingston box itself.

-mm-

• Next message: Brian 'MegaZone' Bikowicz: "DTR dropout time revisited (fwd)"
• Previous message: Brian 'MegaZone' Bikowicz: "Re: Radius on an HP (fwd)"
• In reply to: Scott Henry: "How do you stop !root logins from dialup connections"
• Next in thread: Robert Hanson: "Re: How do you stop !root logins from dialup connections"