telnet disconnects/firewall help?

DJ dgj-dave at pacbell.net
Wed Mar 1 18:35:48 PST 2000 

I just tried uncommenting the port 23 line so it looks like this..
> ipchains -A eth0-in -p tcp -s 0/0 23 -y -j ACCEPT
> #ipchains -A eth0-in -p tcp -s 0/0 21 -y -j ACCEPT
but I am still unable to connect or even get a login prompt..
I still get a connection to host lost..? hmm so it must be making a connection
and losing it right?
do you know of anything else to check? dependancies?
I apreciate your help!
-dave
Eric Eisenhart wrote:

> On Wed, Mar 01, 2000 at 05:10:19PM -0800, DJ wrote:
> > for a while now i have had my telnet service disabled for security
> > purposes, since then I have implimented SAMBA, APACHE and a donated
> > RC.FIREWALL script..
> > the problem came when i went back into INETD.CONF to enable the telnet
> > service and nothing happened.
> > I can get a successful telnet connection with my server..
> > whenever i run 'telnet 63.199.5.221' from any outside client I get '
> > connection to host lost', Would this be related to the firewall
> > filtering of telnet? is telnet on port:23?
> > like i said i dont fully understand ipchains, but when i do would I need
> > to allow all incoming tcp packets on port 23?
> [snip]
>
> > ### Uncomment to allow inbound ftp connections
> > ### enable telnet first then ftp on 21..
> > #ipchains -A eth0-in -p tcp -s 0/0 23 -y -j ACCEPT
> > #ipchains -A eth0-in -p tcp -s 0/0 21 -y -j ACCEPT
>
> Yes, telnet is port 23.  You'll need to open port 23 back up in order to be
> able to telnet in via eth0.
>
> I'd like to strongly reccomend installing SSH and then adding something like
> this to your firewall configuration:
> ipchains -A eth0-in -p tcp -s 0/0 22 -y -j ACCEPT
>
> (and then using an ssh client to connect instead)
>
> SSH is kinda like telnet (it can also do other things), but it encrypts your
> connection so that it's harder to see what you're sending across the
> connection.  (like your password, for instance)
> --
>     Eric Eisenhart   Freedom is slavery.      http://eric.eisenhart.com/
>  ^  ICQ#: 48217244   Ignorance is strength.   eric-dot-sig at eisenhart.com
> /e\ Perl&SQL Coder   War is peace.            IRC Nicks: Falsch Freiheit
> ---                        -- George Orwell

More information about the talk mailing list