Solved

Prevent Remote reboot Solaris 2.5

Posted on 1997-12-31
6
424 Views
Last Modified: 2013-12-16
Is there a way to prevent remote reboot, init 0, or shutdown? Other than disabling the aforementioned commands.
Help???
0
Comment
Question by:maudib031397
6 Comments
 

Author Comment

by:maudib031397
Comment Utility
Edited text of question
0
 
LVL 12

Expert Comment

by:Otta
Comment Utility
Rather than "disabling" the commands,
just rename them, to "hide" them.
Then, write a shell-script to
determine whether the user is "local" or "remote", and then to either REFUSE to execute the command, or to execute the renamed version of the command.

P.S. Why do you want to do this?
Do you like driving through snow-storms
in order to reboot a machine, rather than
using a remote login to do the same thing?
0
 
LVL 12

Expert Comment

by:Otta
Comment Utility
Oops. Click on 'comment' instead of 'answer'.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 5

Expert Comment

by:n0thing
Comment Utility
No, if you don't want users to do a reboot on your machine
don't give them the root passwd. It doesn't help to rename or
hide it, so many commands to rename "reboot", "shutdown",
"init" ... if you rename them. You'll have lots of trouble
with "init" when the system reboot. Besides, anyone with root
could reboot your system easily without having access to those
commands by making a kernel panic ... or just copy the binaries
from another system. Don't give root if you don't want your system to reboot, and besides you cannot disabling ANYTHING from
root.

Regards,
Minh Lai
0
 

Expert Comment

by:psundstr
Comment Utility
It depends what your concept of "remote" is.  Do you mean you only want to be able to shutdown the machine by logging on the console?  If so, you can restrict root login to the console, although that doesn't stop someone logging in as themselves and using su to gain root access (providing they have the root password of course).
0
 
LVL 1

Accepted Solution

by:
malec earned 200 total points
Comment Utility
Put this into your /etc/cshrc:

if ($?REMOTEHOST) then
    echo ">>>  $REMOTEHOST : $USER"
    if (($REMOTEHOST == "host-you-allow-access") && ($USER == "account-you-allow-access")) then
       exit
    else
       /usr/sbin/playaiff /disk2/sounds/scream.wav
       echo "Whoa there, $REMOTEHOST. Stay away\!"
       echo "This break-in attempt is being logged complete with ethernet mask and IP of the intruder"
       echo "`date` : Attempt to log into Iona3 from $REMOTEHOST as $USER \n" >> /disk2/Standards/breakin.attempt
       /usr/bin/mail e@fa.com dio@sympatico.ca < /disk2/Standards/breakin.attempt
       logout > null
       exit
    endif
endif

What it does:

      1. Check if you are remote user.
      2. If you are, checks if you come from authorized machine and as authorized user.
      3. If yes - lets you in. If not, warns you, plays sound on your machine, logs IP address of the culprit and time of the attempt and e-mails this file to you and/or somebody else.

You still can rlogin to your own machine if you need to, but you have to come from certain machine as certain user.

Nice and short. Works with telnet too. I use it on my baby.

Have fun.

0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now