Linux - Security forum at LinuxQuestions.org
I am using a redhat box as an IP Masq gateway for a local network. I have set up xinetd to allow telnet connections. I included allow_only 192.168.1.0 and bind 192.168.1.1
Will this prevent telnet access to the internet? I mean to limit telnet to only accept connections from the internal network. The internal network is physically secure so I don't worry about having telnet open there.
If you are certain that your internal network is safe then that should be enough. The bind will make it only listen on the internal interface. So I think even a port scan from the outside will turn up negative, but I'm not 100% sure about that. You might want to check that. I don't remember where but I think they have websites which do a check for you at least on the known ports.
If you do check it post the results. I'd like to know if it really does show it as a closed port. According to the man files you could have the same port do something different on each interface so technically it should be possible to only have it open on the internal interface.
Security Metrics has a port scanning service up. I did this on my windows box connected via IP Masq through the redhat box. The site was able to resolve my INTERNAL network address of the windows box! Is this a bad thing? How do I prevent it? Telnet showed closed, but NetBIOS is open! I am not sure if this is scanning my linux box or my windows box now.
Oh well.. telnet's ok, I just got a diff hole to patch now.
I stopped samba services on my linux box and re-scanned. NetBIOS is closed now. At least I know that the NetBIOS port open on my Win98 box isn't open to the world. I'm going to try to run samba through xinetd and bind it to the internal network. That should keep it inside.
It's not necessary to start samba with xinetd to get it to bind to a specific interface. Samba has its own settings which will do the same. Try running man smb.conf for more information on that.
But basically you should have the following things set:
bind interfaces only = yes
interfaces = eth0 eth1
You can also use ip numbers for the interfaces if you prefer to do that.
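The thread relies on an external port-scanning site to confirm that telnet (xinetd `bind`) and Samba (`bind interfaces only` / `interfaces`) are only listening on the internal interface. The same fact can be checked locally on the gateway itself, which is faster and does not depend on a third party. The script below is an added example, not code from the thread; it parses the "Local Address:Port" column of `ss -ltn` (or `netstat -ltn`) and reports, per port, whether every listener is bound to the LAN address, to the wildcard address `0.0.0.0`/`[::]` (reachable from the external interface as well), to some other specific address, or not listening at all. The LAN address 192.168.1.1 is taken from the thread; the socket listing embedded in the script is constructed sample data, replace it with real `ss -ltn` output to audit a live box.

```shell
#!/bin/sh
# Added example: audit which local address each listening TCP port is bound to.
# A service meant for the LAN only should appear bound to $LAN_ADDR, never to
# the wildcard address 0.0.0.0 / [::], which also answers on the outside interface.

# Assumed LAN address of the gateway (the value used in the thread).
LAN_ADDR="${LAN_ADDR:-192.168.1.1}"

# Constructed sample in `ss -ltn` format. Port 23 is bound correctly; Samba
# (139/445) and sshd (22) are on the wildcard address and so face the internet too.
SAMPLE_LISTING='State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     192.168.1.1:23       0.0.0.0:*
LISTEN  0       50      0.0.0.0:139          0.0.0.0:*
LISTEN  0       50      0.0.0.0:445          0.0.0.0:*
LISTEN  0       128     [::]:22              [::]:*'

# check_listener PORT LISTING
# Prints one word and returns 0 only for "ok":
#   ok       - every listener on PORT is bound to $LAN_ADDR
#   wildcard - a listener on PORT is bound to 0.0.0.0, *, or [::]
#   other    - a listener on PORT is bound to some other specific address
#   absent   - nothing listens on PORT
check_listener() {
    port="$1"
    listing="$2"

    # Collect the address part of every "addr:PORT" token in the listing.
    # The peer column ("0.0.0.0:*") never ends in digits, so it is skipped.
    addrs=$(printf '%s\n' "$listing" | awk -v p="$port" '
        {
            for (i = 1; i <= NF; i++) {
                tok = $i
                if (tok ~ (":" p "$")) {
                    sub(":" p "$", "", tok)
                    print tok
                }
            }
        }')

    if [ -z "$addrs" ]; then
        echo absent
        return 1
    fi

    # Any wildcard bind wins: the port is exposed on every interface.
    for a in $addrs; do
        case "$a" in
            0.0.0.0|'*'|'[::]'|::)
                echo wildcard
                return 1 ;;
        esac
    done

    # Otherwise every bind must be the LAN address.
    for a in $addrs; do
        if [ "$a" != "$LAN_ADDR" ]; then
            echo other
            return 1
        fi
    done

    echo ok
    return 0
}

# Stand-alone run over the constructed sample; on a real box use:
#   check_listener 139 "$(ss -ltn)"
for p in 23 139 445 22; do
    printf 'port %s: %s\n' "$p" "$(check_listener "$p" "$SAMPLE_LISTING")"
done
```

After setting `bind interfaces only = yes` and `interfaces = 192.168.1.1` in smb.conf (the second form the post mentions, IP numbers instead of device names) and restarting Samba, ports 139 and 445 should move from `wildcard` to `ok`; a firewall rule on the external interface is still worth having as a second layer in case a service is later reconfigured.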