lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: xtrecate at spymac.com (xtrecate@...mac.com)
Subject: Psexec on *NIX 

One can't always be sure that SSH will be installed on the _Windows_ server
you'd like to run a command on.  At least not in large windows networks.
Psexec does not rely on any 3rd party service installations (i.e. ssh), and
so should function across a domain and via vpn with no additional software
needed.

IMHO needing to run the occasional command on a single machine amongst
thousands doesn't warrant widespread ssh (or whatever) deployment.

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Mikael
Abrahamsson
Sent: Thursday, May 06, 2004 1:54 PM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] Psexec on *NIX 

On Thu, 6 May 2004, Chris Carlson wrote:

> then use it, but it doesn't make sense to do so.  Why would I install
> and run an ssh daemon just to use it to run another program, then delete

What unix comes without any kind of remote login service such as sshd, 
rexec, telnetd or alike?

Is the thing you're looking for the security model that windows has, in
that you can authenticate to any machine running on same domain and that's
how it knows if you're allowed to execute commands?

There is no such thing default in *NIX. You're probably looking for 
something like Kerberos (which is what Microsoft used as far as I know) 
but it doesnt come standard with most unixes.

According to <http://www.sysinternals.com/ntw2k/freeware/psexec.shtml> 
psexec is a "lightweight telnet replacement", so I don't understand what 
it does that ssh/telnet doesnt do for you?

You can use "ssh <host> -l <username> ifconfig" to run "ifconfig"  
directly on a remote computer without having to actually login and get a
prompt on that machine, if that's what you were looking for.

-- 
Mikael Abrahamsson    email: swmike@....pp.se

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ