Windows NT Rsh Service contents.gifindex.gif

Windows NT Rsh Service

A version of rsh ships with the Windows NT Resource Kit which executes all commands, regardless of user, under the system account. The system account is the most powerful account on a Windows NT computer, and it is not recommended that this service be run under any circumstances. If this service is found, the instsrv tool which also ships with the Windows NT Resource Kit can be used to remove the rsh service.

Risk: High

OS Vulnerable: Windows NT

Fix: Remove the service by typing instsrv rshsvc remove at a command prompt.