Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Mass Machine Login

from [Nick Owen] Network Security [Permanent Link]
Subject: Re: Mass Machine Login
Date: Tue, 24 Jan 2006 11:31:36 -0500 
Adam Kane wrote:

 Ryan Cummings wrote:

-----Original Message-----
From: Ryan Cummings [mailto:ryan.r.cummings@gmail.com] 
Sent: Tuesday, January 17, 2006 10:06 PM
To: security-basics@securityfocus.com
Subject: Mass Machine Login

I've been beating my brains out trying to find a solution for this but
can't.  Has anyone seen software or a script that will allow you to send a
login to multiple machines at one time?  Say for an entire room, for sake of
an example, has 75 computers all on the same vlan and we would like to login
to all the computers without touching each one of them individually with a
specified username.

Ryan
  

I feel having the same login/password on all 75 computers is a bad
security practice.

Are you talking about logging into all the computers via SSH or FTP or
something like that or are you talking about having the computers
automatically log in when booted?



Here's a thought (maybe not well thought-out ;):  Could you set up a SSH
'gateway' box that acted as an SSH-agent for the other boxes and proxied
requests to the other servers?

So, the gateway box would have private keys for all the users on all the
other boxes, which would only require key authentication.  The gateway
box would also require a password or strong authentication.  Perhaps you
could only allow SSH logins from the gateway IP or lock it down in some
similar manner?  Effectively the users login once to the gateway box and
then have access to all the others.  Does that make sense?

Nick

-- 
Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
http://www.wikidsystems.com
At last, two-factor authentication, without the hassle factor
Now open source: http://sourceforge.net/projects/wikid-twofactor/

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Re: University Degree or CISSP, Elizabeth Lewis
Next by Date:  Re: SSH server under attack..., ilaiy
Previous by Thread:  Re: Mass Machine Login, Bradley
Next by Thread:  Re: Mass Machine Login, lonely wolf
Indexes:  [Date] [Thread] [Top] [All Lists]