This topic has been archived. It cannot be replied.
-
工作学习 / IT技术讨论 / Can someone tell me how to block telnet from untrusted IP?It is not blocking r command (this is from hosts.equiv or .rhosts).
Notice: It is blocking telnet.
Thanks in advance
-unix_learner(unix_learner);
2001-6-14
{120}
(#101421@0)
-
what system?
-pazu(InTheSky);
2001-6-14
(#101455@0)
-
Unix, e.g. Solaris, AIX, FreeBSD, HP-Unix, etc.
-unix_learner(unix_learner);
2001-6-15
(#102212@0)
-
Well, generally speaking, you'd better get a firewall. But some systems have their own ways too.
-pazu(InTheSky);
2001-6-15
(#102455@0)
-
1) use route -reject -net xxx.xxx.xxx.xxx mask xxx.xxx.xxx.xxx to reject any packets from certain ips. This is rough because you not only block tcp, but everything else(udp,rtp) from those ips.2) install a fire wall on your solaris and close the inbound tcp connection request to port 23
3) install a third party tcp wrap which provides ip address filtering function.
4)write your own in.inetd, it reads from a config file and gets all ip addresses you decide to deny access to, when it sees a telnet connection request, it simply closes the connection
-numnum(numnum);
2001-6-14
{362}
(#101461@0)
-
Thanks, you are the man/woman. I can also disable telnetd in inetd.conf and use ssh/sshd, but I want keep telnetd works. Do you have any ideas?
-unix_learner(unix_learner);
2001-6-15
(#102218@0)
-
If you are on Linux, you are in luck, there is a deamon program called tcpd. You just replace the /usr/bin/telnetd with this tcpd in the inetd.conf file, and define the ip addresses in the /etc/host.deny. If you are running on Solaris, you can download the tcpd source file(gnu license) and compile it on your sparc.
-numnum(numnum);
2001-6-15
{280}
(#102489@0)
-
Hmm...tcp_wrapper is not under GNU, afaik it's under BSD like license. Wietse Venema changed the license term about 2 weeks ago after the ipfilter license shakeup.
-dennis2(Dennis);
2001-6-15
(#102596@0)
-
Can you give us the content of your inetd.conf, hosts.deny, host.allow, hosts.equiv, .rhosts?
-dennis2(Dennis);
2001-6-15
(#101936@0)
-
You can find these files in every kind of UNIX under /etc dir. I am doing a test. So mine are the defaults.
-unix_learner(unix_learner);
2001-6-15
(#102217@0)
-
What I mean is that if you can give us the content of those files, then we can have more details to help diagnosing your problem.As long as you have the following in *both* /etc/hosts.equiv and $HOME/.rhosts you should be able to block those r-commands:
-<your IP> [<your username>]
Notice that those 2 files only control r-commands and have nothing to do with controlling in.telnetd. Other daemons (telnetd, ftpd, etc.) can be controlled by /etc/hosts.{allow|deny} through the use of tcp_wrapper.
-dennis2(Dennis);
2001-6-15
{376}
(#102320@0)
-
Oh, thanks. What I want to learn is "how to block telnet from untrusted IP", not r command securities.
-unix_learner(unix_learner);
2001-6-15
(#102341@0)
-
OK, hopefully I got your question right this time :-)
-dennis2(Dennis);
2001-6-15
{861}
(#102594@0)
-
Yep, I got them. Thx a lot.
-unix_learner(unix_learner);
2001-6-18
(#104969@0)
-
tcpserver may be helpful
-netee(netee);
2001-6-18
(#104791@0)
-
Another good way, thx.
-unix_learner(unix_learner);
2001-6-18
(#104971@0)
-
firewallA way is using some firewall like ipchains or iptables. and write a line like
ipchains -A input -s whatever.youwant.block.ip address -p tcp 23 -d 0/0 -j DENY
-guest:guest;
2001-6-22
{158}
(#108967@0)