LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-01-2004, 04:55 AM   #1
neil
Member
 
Registered: Jul 2001
Location: Kent, UK
Distribution: AIX/Gentoo/Fedora/Solaris 8/9/10
Posts: 100

Rep: Reputation: 15
block telnet to port 80


Hi,

How can I block telnet to port 80.
I read the post how to block telnet to port 25 but it doesnt actually say how.

I have turned off telnet and I have a iptables firewall that allows port 80 in.
The Firewall has a explicit deny all at the end.

This does not stop telnet connections to ports 80 or any other port allowed through the firewall.

I guess there must be a way to examine traffic at a protocol level
so traffic with destination port 80 with telnet protocol is denied.

So, can anyone tell me how to do this with iptables?

Cheers.
Neil.
 
Old 07-01-2004, 05:56 AM   #2
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
switching off telnet services will not stop telnet connects to port 80 or port 25.

You can use telnet to connect to any open port ( a port that is listening ) that is ready to accept connections.

So, if you have apache or any other http server listening on port 80, it will also respond to telnet attempts ... although, it will not give a login prompt.
 
Old 07-01-2004, 06:00 AM   #3
neil
Member
 
Registered: Jul 2001
Location: Kent, UK
Distribution: AIX/Gentoo/Fedora/Solaris 8/9/10
Posts: 100

Original Poster
Rep: Reputation: 15
Yes I know,

But can I get iptables to filter on protocol?

The reason I ask is because somebody tried an exploit on my webserver by telnetting to port 80 and issueing commands. They were unsuccessful and have been reported to their ISP.

Cheers,
 
Old 07-01-2004, 06:07 AM   #4
dunkyb
Member
 
Registered: Nov 2002
Distribution: Debian testing.
Posts: 143

Rep: Reputation: 15
iptables -A INPUT -p TCP -s 0/0 --dport 23 -s 0/0 -j DROP
 
Old 07-01-2004, 06:23 AM   #5
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
you may use the string search feature in iptables... read somewhere that this feature is not available with 2.6 kernels ... correct me if I am wrong

http://www.lowth.com/howto/iptables-treasures.php
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PLESK [Solution] Change port to 23 (telnet) instead of default port 8443 x5452 Linux - Software 6 05-10-2009 05:58 AM
block telnet port 25 yenonn Linux - Security 6 09-30-2005 01:34 AM
telnet port block hfawzy Linux - Security 4 08-24-2005 06:52 PM
How to block a port, such as 21? iclinux Linux - Newbie 3 01-16-2005 12:51 PM
Level & Checks block Services (Telnet, VNC...) kt8993 Mandriva 2 10-03-2004 09:35 PM


All times are GMT -5. The time now is 02:45 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration