Rlogin service running

Description
  • The rlogin service is running on this host. Rlogin allows users to log in on another host via a network, as if they were physically present at the computer. Rlogin has several serious security problems:
    • All information, including passwords, is transmitted unencrypted (making it vulnerable to interception).
    • The .rlogin (or .rhosts) file is easy to misuse (potentially allowing anyone to login without a password) - for this reason many corporate system administrators prohibit .rlogin files and actively search their networks for offenders.
    • The protocol partly relies on the remote party's rlogin client providing information honestly (including source port and source host name). A corrupt client is thus able to forge this and gain access, as the rlogin protocol has no means of authenticating other machines' identities, or ensuring that the rlogin client on a trusted machine is the real rlogin client.
    • The common practice of mounting users' home directories via NFS exposes rlogin to attack by means of fake .rhosts files - this means that any of NFS' (legion) security faults automatically plague rlogin.
Remediation
  • If you are not using this service, it is recommended to disable it. Otherwise, replace it with SSH and its rlogin-equivalent slogin.
References