Re: firewall protocols

On Thu, 7 Apr 2005, Vernon A. Fort wrote:

Ted Gervais wrote:

I have just discovered that people are not able to telnet to my system and I have been told that it is not because I don't have the necessary ports open but rather the problem is because of protocols??

I have no idea what this means and am wondering if someone could explain. If it is needed I can supply a copy of my firewall but was wondering first if anyone has heard of this.

you should be able to list the open port from the iptables command: iptables -L -nv
and
telnet localhost to see if telnet is running


from the iptables, you should see port 23 open from the ip address needing access. you should also be able to telnet to the localhost.


Which might tell him if the port's open, but not if there's anything really listening on the port. grep telnet /etc/inetd.conf is a better starting point, since he claims his rulebase allows telnet already, this sounds like the port's open but there's nothing listening. If he sees this response;


#telnet stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd

He needs to vi /etc/inetd.conf to enable telnet <and with tcpd for other sec reasons> then kill -HUP inetd and also then make sure his /etc/hosts.allow is set up to allow telnet, especially if he has a populated /etc/hosts.deny.

Thanks,

Ron DuFresne
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629


...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
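
The checks described in the reply above (commented-out telnet line in inetd.conf, then hosts.allow versus a populated hosts.deny), as an added example that is not part of the original message. The function names are hypothetical, the sample files are constructed, and the wrapper check only looks at the daemon list (in.telnetd or ALL); client patterns and EXCEPT clauses are not evaluated.

```sh
# Print the active (uncommented) telnet service line from an inetd.conf, if any.
active_telnet_line() {
    grep -E '^[[:space:]]*telnet[[:space:]]' "$1" 2>/dev/null | head -n 1
}

# Succeed if a hosts.allow/hosts.deny file has an active rule whose daemon
# list names in.telnetd or ALL (simplified: client patterns are ignored).
wrapper_rule_for_telnetd() {
    [ -f "$1" ] || return 1
    grep -v '^[[:space:]]*#' "$1" | cut -d: -f1 |
        grep -Eq '(^|[[:space:],])(in\.telnetd|ALL)([[:space:],]|$)'
}

# Usage: diagnose_telnet inetd.conf hosts.allow hosts.deny
# Returns 1 if telnet is disabled, 2 if wrappers would block it, 0 otherwise.
diagnose_telnet() {
    line=$(active_telnet_line "$1")
    if [ -z "$line" ]; then
        if grep -Eq '^[[:space:]]*#[[:space:]]*telnet[[:space:]]' "$1" 2>/dev/null; then
            echo "disabled: telnet line is commented out in $1"
        else
            echo "disabled: no telnet line in $1"
        fi
        return 1
    fi
    case $line in
        *tcpd*) ;;
        *) echo "enabled-no-tcpd: telnet runs without tcp wrappers"; return 0 ;;
    esac
    if wrapper_rule_for_telnetd "$3" && ! wrapper_rule_for_telnetd "$2"; then
        echo "blocked-by-wrappers: $3 covers in.telnetd, $2 has no rule for it"
        return 2
    fi
    echo "enabled-tcpd: telnet is enabled through tcpd"
    return 0
}

# Demo on constructed files; the inetd.conf line is the one quoted in the post.
demo_dir=$(mktemp -d)
printf '#telnet stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd\n' \
    > "$demo_dir/inetd.conf"
: > "$demo_dir/hosts.allow"
printf 'ALL: ALL\n' > "$demo_dir/hosts.deny"
diagnose_telnet "$demo_dir/inetd.conf" "$demo_dir/hosts.allow" \
    "$demo_dir/hosts.deny" || true
rm -rf "$demo_dir"
```

On a real system the three arguments would be /etc/inetd.conf, /etc/hosts.allow and /etc/hosts.deny.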