Loading ...
Sorry, an error occurred while loading the content.

Firmware 2.05 with telnet question

Expand Messages
  • simono71
    I have successfully installed the 2.05 firmware with telnet version and have also downloaded and read the hack guide. I am a little confused, when I telnet
    Message 1 of 2 , May 30, 2005
    • 0 Attachment
      I have successfully installed the 2.05 firmware with telnet version
      and have also downloaded and read the hack guide.

      I am a little confused, when I telnet into the 2.05 am I running as
      root, because I didn't need to type in a password.

      If so how do I add a password so that the device is not left wide open?

      Also is there then a way I can enable/disable the daemon at will so I
      don't leave open a security hole?

      Thanks, its tough being a newbie...

      Simon
    • balimbabullabe
      ... You wouldn t be able to enter the password because noone (I know) has knowledge about the password. This is why you automatically get logged in as the user
      Message 2 of 2 , May 31, 2005
      • 0 Attachment
        > I am a little confused, when I telnet into the 2.05 am I running as
        > root, because I didn't need to type in a password.

        You wouldn't be able to enter the password because noone (I know) has
        knowledge about the password. This is why you automatically get logged
        in as the user the webserver is running in (which fortunately is root)

        > If so how do I add a password so that the device is not left wide
        > open?

        Telnet is an unsafe protocol, you could try to replace "/bin/bash" in
        the s05telnet script with /sbin/init, this could give you a logon prompt

        > Also is there then a way I can enable/disable the daemon at will so I
        > don't leave open a security hole?

        I think it should be easier to only use the telnet daemon once to get
        access to the Linkstation and then disable it and install ssh.
        If you only want to have telnet running from time to time you could
        install the exec.pl trick which is also described in the hacking howto
        and then delete s05telnet.
      Your message has been successfully submitted and would be delivered to recipients shortly.