authentication failure for rsh

[farhadka]

hi
I'm trying Mitnick attack for a lab with docker, in terminal container I made .rhosts file and wrote the trusted server's ip in it (echo 10.9.0.6 > .rhosts) and also made it writable only for owner (chmod 644 .rhosts) but when I use "rsh 10.9.0.6(terminal's ip) date" in the server, I see authentication error, what should I do and how can I fix this?

 

[KGIII]

We don't normally help with hacking attempts, as we can never be sure of your motivation. You could be attacking your own container, or you could just be telling us that you're attacking your own container and really be trying to hack your way into a system that doesn't belong to you.

Additionally, if it is indeed homework, we usually like to see the OP doing the work, knowing what they tried, etc. before assisting them. If you're a student, you have both peers and a formal instructor. They're usually your best bet for asking for help.

So, I'd be surprised if anyone offered you a great deal of help with this one. I'll leave the question up and open, as it doesn't actually violate any rules that we have at this time. If someone does opt to help, that's fine - it's just unlikely that anyone will.

 

[NorthWest]

No help from here, but rsh and rlogin were once major networking tools for me. However, rsh and rcp always had many niggly issues though apart from network insecurity, such as dropping letters in filenames when trying to copy directories of files between computers. Here are some observations from:
http://wiki.cas.mcmaster.ca/index.php/The_Mitnick_attack, which describes Mitnick's methods, now well protected against.

Prevention
Nowadays, Mitnick attack is no longer practical because the security in networking field is way improved than before. However, preventing Mitnick attack is the least requirement a system must satisfy to be considered secure. It worths (sic) to mention that in the days of the attack, people (e.g. Tsutomu) used remote shell (RSH) instead of secure shell (SSH) like today.

Comments
The Mitnick attack was a classic case. Mitnick took advantage of easy-to-be-known weaknesses. After his attack, computer security was taken more seriously. New tools was developed to improve security in networking over the Internet. SSH (secure shell) is used to replace RSH (remote shell) which allowed data transfered (sic) insecurely.

The new security environment was most welcome with superior preservation of file integrity among other aspects.