LinuxQuestions.org


azure_ss 10-01-2002 10:28 PM

can't access some port from outside
 
Hi, all
I started a service on port 50000 on my Red Hat 7.1 server.
And I can connect to the port (using telnet ip 50000) on my Linux box. But it just doesn't work from the internet.
I checked my hosts.allow and hosts.deny and they should be fine.
I also executed "/sbin/iptables -X" and "/sbin/iptables -F" to stop iptables (ipchains is not available on this version).
So what else am I missing?
Btw, when I checked the services file I found that there is a comment saying "#local service" just before the service using port 50000. What does local service mean? How can I change it?
Thanks

neo77777 10-01-2002 11:01 PM

Well, RH does more than keeping you off of your box, but SSH will do more to keep you as close and secure as possible to your box from anywhere in the world. I guess you are trying to leave a backdoor to your system to telnet to it, and do whatever after you login, right? Don't do it, it is not only your security, this is the security of the whole internet community. Your opened port will be discovered very soon on the net, and believe me, hundreds of pranksters and sophisticated crackers will try to break in. If telnet listens on that port, you can kiss good-bye to your server. Enough said, use SSH: http://www.openssh.org
If it is another kind of service you have running there, but still you mentioned that you can login to that port through telnet - this is the weakest link, and it makes your whole system weak.

azure_ss 10-01-2002 11:06 PM

You misunderstood my meaning.
I just use telnet to test the connectivity. Actually, it's a database service running on that port. And I am trying to connect to the database through the internet.
Anyway, thanks for your reply.

neo77777 10-02-2002 08:50 AM

Yeah, I did misunderstand your question, I thought you were going to use whatever service you are running there to remotely login to your system, you can work it out through tcp-wrappers for inetd or xinetd configuration if you are running either of these respective services.

azure_ss 10-02-2002 09:27 AM

I did check xinetd but it's just the default setting there. So by default no port is forbidden, right?
Btw, who knows what "local services" means and how I can change it?

neo77777 10-02-2002 10:12 AM

It should say something like disable=no in all the include files in /etc/xinet.d/ directory.


All times are GMT -5.