Open/Close Ports
 

Hi all,

I have a problem with port number basics. I have RHEL-5 at my workplace, and trying to connect to a remote desktop within LAN. But telnet is giving some error like, telnet can't connect as port:23 is not there. Since 23 is the default port for telnet, so can't say why it is coming out so...I did netstat but didn't see port:23 at all.

Can somebody will help me in knowing how to open or close a specific port ? What is the basic behind port connection, and how it can't connect to some port which is specifically designated for a particular application ?

Thank you in advance,
Kapil.

Hi.

This will be due to IPtables, in RHEL you should be able to use the setup command (just enter 'setup' on the command line) to configure iptables and set telnet as allowed. Alternatively if you could supply the output of the following command enclosed in code tags from the server.

iptables -nvL

Hi r3sistance,

Thank you for the prompt reply...
I will provide the output once I reach office tomorrow. But what I would like to know is how can we open or close a port ? What is the process for doing so ?

Thank You,
Kapil.

A port is either accessible or not, and this is under the control of your local firewall, and whether there is a server making that port available on the machine you are trying to contact.

To make Telnet available, for example, your local firewall must permit outgoing Telnet connections, and the server you are contacting must be running a Telnet server.

By the way, you are much better off setting up and using SSH for this sort of thing -- it has it all over Telnet. Telnet is very, very insecure. And SSH can do things undreamt of by Telnet:

Secure Shell Fun and Games

Hi Kapil,

setup will open/close some of the basic ports for basic services else you have to use the iptables command to manually enter in rules (and then save the configuration once it's in a good/secure state).

An example of a line that should manually enter the rule is
iptables -I INPUT -p TCP --dport 21 -m state --state NEW -j ACCEPT

Also you may require the following rule should it not exist.
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

Alternatively can you confirm you actually have a service listening for telnet, that is telnet-server is installed? If this isn't installed then telnet will not work.

Also to note, telnet should be safe on a LAN, however i'd still advise SSH over telnet since SSH is a much more secure protocol and should allow for SSH tunneling what may come in useful if you are going to use VNCserver.