Home > Tutorials > Linux Server Tutorials > Server Security: Turn Off rwhod

Server Security: Turn Off rwhod

The rwhod daemon is a process that allows a remote user to see who is logged into your system. The client program is rwho. It has many of the same security problems as the finger daemon. For a crack,er use of rwho could allow him to watch for times on your system when nobody is logged in and begin his attacks. It also allows him to find out user names of accounts on your system and target them as possible attack points.

Luckily most Linux distributions recognize this vulnerability and although they include rwhod, many have stopped installing it by default. To verify that it is not running on your system run the following command:

ps axlww | grep rwho

If any process other than grep itself shows up, you should disable it. On Red Hat and similar distributions, the command to remove rwhod from your system is:

rpm -e rwho

About Michael Boguslavskiy

Michael Boguslavskiy is a full-stack developer & online presence consultant based out of New York City. He's been offering freelance marketing & development services for over a decade. He currently manages Rapid Purple - and online webmaster resources center; and Media Explode - a full service marketing agency.

Check Also

No Website Is Too Small To Hack

Cyberattacks suck – and as webmasters we have to deal with a lot of them. ...

Like every other website, this site uses cookies to analyze our traffic. Cookies may also be utilized by our advertisers and partners. By using this website you agree to the use of said cookies. More Information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings, continuing to navigate past this message, or you click "Accept" below then you are consenting to the use of cookies on the Rapid Purple website.