rlogin -froot backdoor
advICE :Intrusions : 2002101

The intruder is trying to attack an older version of the rlogin server which allows remote login as root without a password. The command would look like:

	 % rlogin victim.example.net -l -froot
	 #

This results in a root prompt on the remote system. Many older AIX systems, Linux Slackware 3.1, RedHat 2.1, and others are affected.

This attack can also be directed at the rsh service.

 
Version appeared: