From: dux@yabbs
To: htoaster@yabbs
Subject: re: telnet
Date: Sun Oct 17 16:18:21 1993

I will usually replace the telnet and tn executibles with my own versions.
this leaves the playing field wide open for tricks.  not only will I get
a log of who telnets where with what passwords, but I can also put a 
scrambled script file in /tmp with a scrambled filename that specifies the
user and login sequence in which it will be run.  Then when I do my 
duties all logging points to the user (this is great for wrappers + 
nonstandard security, nothing points to me or accounts that I have.)  I 
have thought of setting up a script that if a person logs into a machine 
of proper type with root , that the patched telnet and tn will be sent to 
the new host, which will then function the same way.  but as soon as it 
leaves my machines, it leaves my control and that makes my paranoid