Monday, August 1, 2011

rsh and rlogin port secrets

rsh and rlogin are two utilities for establishing sessions and executing commands on a remote host.
Both are insecure: they do not encrypt the data they transfer.


The default port used by rsh is 514
The default port used by rlogin is 513


The issue:
The firewall blocks port 513, but port 514 is open.




We observe the following behavior:


// No response. Snooping shows no reply from remote host 10.56.41.11

sunhost1:/# rsh 10.56.41.11
^Csunhost1:/#


// Here we get the desired result

sunhost1:/# rsh 10.56.41.11 "uname -a"
SunOS MDSSMP01 5.10 Generic_127127-11 sun4v sparc SUNW,Sun-Fire-T200
sunhost1:/#


Why the difference?
According to the rsh man page: "If you omit command, instead of executing a single command, rsh logs you in on the remote host using rlogin(1)."


So rsh without a sub-command hands off to rlogin, which connects to port 513, and the firewall drops those packets. rsh with a sub-command uses port 514, which the firewall lets through.
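
A check for the partial block described above, as an added example that is not part of the original post: it probes both r-service ports and flags the case where 513 is dropped but 514 still answers. The function names and the probe_fn parameter are assumptions made for this example; the port numbers are the ones given in the post.

```python
import errno
import socket
import sys

# Ports as stated in the post: rlogin listens on 513, rsh on 514.
R_SERVICES = {"rlogin": 513, "rsh": 514}


def probe(host, port, timeout=3.0):
    """Classify a TCP port as 'open', 'closed' (refused) or 'filtered' (no reply)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except socket.timeout:
        return "filtered"  # silently dropped, like 513 in the post
    except ConnectionRefusedError:
        return "closed"    # host answered, nothing is listening
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"  # rejected with an ICMP unreachable
        raise
    finally:
        sock.close()


def audit(host, probe_fn=probe):
    """Probe both r-service ports and report exposure findings."""
    states = {name: probe_fn(host, port) for name, port in R_SERVICES.items()}
    findings = [
        f"{name} ({R_SERVICES[name]}/tcp) is reachable: unencrypted r-service exposed"
        for name, state in states.items() if state == "open"
    ]
    if states["rsh"] == "open" and states["rlogin"] != "open":
        findings.append(
            "partial block: 'rsh host' hangs on 513, but 'rsh host command' "
            "still executes over 514"
        )
    return states, findings


if __name__ == "__main__":
    # Usage (hypothetical file name): python rservice_audit.py <host>
    states, findings = audit(sys.argv[1])
    print(states)
    for line in findings:
        print("FINDING:", line)
```

A clean result is both ports reported as filtered or closed; any open state means the firewall rule set still leaves an r-service reachable.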
