[NBLUG/talk] network problems (local)

Glen Gunsalus g-gunsalus at mindspring.com
Tue Apr 29 14:44:01 PDT 2003


Jeffrey,

Thanks for the poke in the right direction.  Here's where I've
been/progressed to:

Hmmm, well I can't telnet from machine 1 to machine 1.

The entry in inetd.conf is:
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd

Ok, so I started telnetd manually: /usr/sbin/in.telnetd -debug
and was able to telnet from 1 to 1.
On exit from telnet session telnetd died (didn't invoke telnetd in
background so was able to see new # prompt pop up).

Small progress, but I'm at a loss as to why telnetd doesn't get started
by inetd (actually I see xinetd running (ps -ef | grep inet)).

Next idea?  maybe needs complete pathname for in.telnetd? Nope.

Ok, I read the xinetd man page and see it uses /etc/xinetd.conf which
invokes /etc/xinetd.d - then to telnet in that file that contained the
line: disable = yes, changed to no, sent SIGHUP and bingo I'm in.

I will use this for testing purposes, but expect it's a large security hole
once I get on the internet.

What's the best approach to closing this hole?  I haven't yet configured
SSH, but expect this with some kind of hook to make telnet sessions only
respond to SSH might be the answer.  I've not used SSH in the past since
I've not been in a situation that would require it.  Guess it's time
to learn.


 >>> "Jeffrey Miller" said:
  > Glen,
  >
  > Is machine 1 (RH 7.3 new upgrade) running telnetd, or is inetd configured to
  > launch telnetd?
  > (try this: can you telnet from machine 1 to machine 1?)
  >
  > I could imagine an upgrade might install a new copy of inetd.conf which
  > would disable telnet.
  >
  > Jeff Miller
  >
  >
  > _______________________________________________
  > talk mailing list
  > talk at nblug.org
  > http://nblug.org/mailman/listinfo/talk
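
Added example, not part of the original message: a small audit of an xinetd.d-style directory that lists every service xinetd would start (any block without `disable = yes`) and whether an `only_from` source restriction is present. The function names and the sample files are constructed for illustration, and only per-file settings are evaluated, not defaults from /etc/xinetd.conf.

```shell
#!/bin/sh
# Added example: report which services in an xinetd.d-style directory xinetd
# would start. A service counts as enabled unless its block sets "disable = yes".
# Assumption: only per-file settings are read; /etc/xinetd.conf defaults are ignored.

xinetd_enabled_services() {
    dir="${1:-/etc/xinetd.d}"
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        awk '
            { sub(/#.*/, "") }                               # drop comments
            $1 == "service" { name = $2; disabled = 0; limited = 0; next }
            /^[ \t]*disable[ \t]*=/ {
                v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
                disabled = (tolower(v) == "yes")
            }
            /^[ \t]*only_from[ \t]*[+]?=/ { limited = 1 }    # source restriction present
            $1 == "}" {
                if (name != "" && !disabled)
                    print name, (limited ? "only_from-set" : "any-source")
                name = ""
            }
        ' "$f"
    done
}

# Constructed sample directory (hypothetical files, not taken from a real host).
make_sample_dir() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '# default: on' 'service telnet' '{' \
        '    socket_type = stream' '    server = /usr/sbin/in.telnetd' \
        '    disable = no' '}' > "$d/telnet"
    printf '%s\n' 'service rsync' '{' '    server = /usr/bin/rsync' \
        '    disable = yes' '}' > "$d/rsync"
    printf '%s\n' 'service time' '{' '    type = INTERNAL' \
        '    only_from = 192.168.1.0/24' '}' > "$d/time"
    echo "$d"
}

sample=$(make_sample_dir)
xinetd_enabled_services "$sample"
rm -rf "$sample"
```

Run against the real directory with `xinetd_enabled_services /etc/xinetd.d`; a line reading `telnet any-source` means telnet is enabled with no address restriction in its own file.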
