[NBLUG/talk] network problems (local)

Mark Street jet at sonic.net
Tue Apr 29 15:33:01 PDT 2003


man xinetd.conf

in your telnet file in /etc/xinetd.d/
put a line that says
only_from = 192.168.1.0/24
or
only_from = 192.168.1.{3,5,7,9}  - a range of hosts

or you can wrap it and make an entry in /etc/hosts.deny
in.telnetd	:  ALL  EXCEPT 192.168.1.

Better yet block it at the firewall.  A nice tool for the newbie would be 
firestarter.

As the packet comes off the wire into your box it hits several points where 
you can block requests for service.

From lowest to highest on the stack:

1.  Kernel
2.  iptables/ipchains
3.  libwrap - tcpwrappers, /etc/hosts.allow and /etc/hosts.deny
4.  xinetd super server
5.  PAM authentication modules
6.  The service daemon

On Tuesday 29 April 2003 14:46, Glen Gunsalus wrote:
> I will use this for testing purposes, but expect it's a large security hole
> once I get on the internet.
>
> What's the best approach to closing this hole?  I haven't yet configured
> SSH, but expect this with some kind of hook to make telnet sessions only
> respond to SSH might be the answer.  I've not used SSH in the past since
> I've not been in a situation that would require it.  Guess it's time
> to learn.


-- 
Mark Street, D.C.
Red Hat Certified Engineer
Cert# 807302251406074
--
Key fingerprint = 3949 39E4 6317 7C3C 023E  2B1F 6FB3 06E7 D109 56C0
GPG key http://www.streetchiro.com/pubkey.asc
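
Added example (not part of the original post, and not code from xinetd or tcp_wrappers): a small Python check that evaluates the two only_from forms and the hosts.deny client list shown above against constructed client addresses. It handles only those pattern forms and assumes no matching entry in /etc/hosts.allow; the function names and sample addresses are made up for illustration.

```python
import ipaddress
import re

def xinetd_only_from(value):
    """Build a matcher for one only_from value: CIDR or a.b.c.{x,y} form."""
    m = re.fullmatch(r"(\d+\.\d+\.\d+\.)\{([\d,]+)\}", value)
    if m:
        # Factorized form: each listed last octet is one allowed host.
        hosts = {ipaddress.ip_address(m.group(1) + n) for n in m.group(2).split(",")}
        return lambda addr: ipaddress.ip_address(addr) in hosts
    net = ipaddress.ip_network(value)
    return lambda addr: ipaddress.ip_address(addr) in net

def wrap_match(pattern, addr):
    """tcp_wrappers client pattern: ALL, a prefix ending in '.', or an exact address."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):
        return addr.startswith(pattern)
    return addr == pattern

def hosts_deny_blocks(client_list, addr):
    """True when a hosts.deny client list such as 'ALL EXCEPT 192.168.1.' matches addr."""
    listed, _, excepted = client_list.partition(" EXCEPT ")
    hit = any(wrap_match(p, addr) for p in listed.split())
    spared = any(wrap_match(p, addr) for p in excepted.split())
    return hit and not spared

def check(addr, deny_list, only_from):
    """Report, per layer, whether addr would be let through to telnet."""
    return {"tcp_wrappers": not hosts_deny_blocks(deny_list, addr),
            "xinetd": xinetd_only_from(only_from)(addr)}

if __name__ == "__main__":
    # Constructed client addresses, not taken from the post.
    for addr in ["192.168.1.5", "192.168.1.4", "192.168.10.5", "203.0.113.9"]:
        print(addr, check(addr, "ALL EXCEPT 192.168.1.", "192.168.1.{3,5,7,9}"))
```

The 192.168.10.5 case shows why the trailing dot in the hosts.deny pattern matters: without it the prefix would also match 192.168.10.x.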



