LinuxQuestions.org

Denying telnet with message (https://www.linuxquestions.org/questions/linux-security-4/denying-telnet-with-message-1450/)

Infamous Tim 03-22-2001 11:37 AM

I've recently set up ssh on my Red Hat 6.0 box, and I want to allow access ONLY through ssh. In order to discourage the use of telnet, I want to post a message when a user first connects to port 23, before the prompt for the login comes up. That way, I can tell users to use ssh on port 22 instead, and also where to get copies of ssh. It won't run login either. The best case scenario would be, the user would read the message, hit a key, and the connection is dropped.

Is there some way to customize the in.telnetd program to deny logins after sending a message? Or will I need to code a special program for this?

Tim

siddiqu 03-22-2001 01:29 PM

Hi..

Edit the source code of the telnetd daemon and search for where it inserts issue.net; there you add all your messages and don't run the login program.

ssh we can get from ssh.org or openssh.org
siddiqu.T

Infamous Tim 03-24-2001 05:20 PM

???
 
Well, thanks, but where in the telnetd code is the call to login? I spent a while going through it, but I couldn't really find out where it makes the call externally. Also, if it's not going to start up a shell, how would I go about removing all the shell stuff, so it doesn't start up a shell and have to close it all down again?

Tim

jeremy 03-24-2001 07:43 PM

Do you use tcpwrappers? If so, you can use /etc/hosts.deny to do this. You could also use something like portsentry.

aimstr8 03-25-2001 05:56 PM

Tim,

Why not just disable it in /etc/inetd.conf?

Here's a snippet of the format it's in:

#:STANDARD: These are standard services.
ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd
#telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.telnetd
ssh stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/sshd1 -i


You should always Close Down Unnecessary Services. A good way to find out what's going on is to run the command netstat -vat. The output will look something like the following:

root$ netstat -vat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 dsl081-050-241.dsl-:ftp grce.speakeasy.or:3045 ESTABLISHED
tcp 0 0 dsl081-050-241.d:telnet dsl081-00-04-sfo:4169 ESTABLISHED
tcp 0 0 *:1004 *:* LISTEN
tcp 0 0 dsl081-050-241.dsl:1624 cs6.ms.yahoo.com:5050 ESTABLISHED
tcp 0 0 dsl081-050-241.d:telnet dsl81-050-1-sfo:2103 ESTABLISHED
tcp 0 0 *:6000 *:* LISTEN
tcp 0 138 dsl081-050-241.d:telnet dsl081-00-1-sfo:1697 ESTABLISHED
tcp 0 0 dsl081-050-241.d:telnet dsl081-00-14-sfo:1026 ESTABLISHED
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 *:www *:* LISTEN
tcp 0 0 *:linuxconf *:* LISTEN
tcp 0 0 *:amidxtape *:* LISTEN
tcp 0 0 *:amandaidx *:* LISTEN
tcp 0 0 *:ftp *:* LISTEN
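
An added example, not part of any post in this thread: one way to get the "message, keypress, disconnect" behaviour asked for at the top, combining the /etc/hosts.deny suggestion with the tcpd-wrapped inetd.conf entry shown above, so that login and a shell are never started. The script path, the function names, the 15-second limit and the message wording are assumptions; the `twist` option requires tcp_wrappers built with PROCESS_OPTIONS.

```shell
#!/bin/sh
# telnet-refuse: print a "use ssh" notice to a telnet client, then drop the
# connection. in.telnetd, login and the shell are never run.
#
# Wiring (the install path /usr/local/sbin/telnet-refuse is an assumption):
#   /etc/inetd.conf  - leave telnet enabled and wrapped by tcpd:
#     telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.telnetd
#   /etc/hosts.deny  - tcpd runs this script in place of in.telnetd:
#     in.telnetd : ALL : twist /usr/local/sbin/telnet-refuse --serve %a
# %a expands to the client address. A matching in.telnetd rule in
# /etc/hosts.allow would be consulted first and bypass this rule.

WAIT_SECS=15    # upper bound on how long an idle client may hold the connection

# Emit the notice with CRLF line endings, as a telnet client expects.
refusal_banner() {
    printf '%s\r\n' \
        'Telnet logins are disabled on this host.' \
        'Connect with ssh on port 22 instead.' \
        'ssh clients are available from ssh.org or openssh.org.' \
        'Press Enter to disconnect.'
}

# Keep only characters that can occur in an IPv4/IPv6 address before logging.
safe_client() {
    printf '%s' "$1" | tr -cd '0-9A-Fa-f.:'
}

serve() {
    client=$(safe_client "$1")
    # Record the attempt so remaining telnet users can be followed up.
    logger -p auth.notice -t telnet-refuse \
        "refused telnet from ${client:-unknown}" 2>/dev/null || true
    refusal_banner
    # Watchdog: end the session after WAIT_SECS even if no key is pressed.
    ( sleep "$WAIT_SECS"; kill -TERM "$$" ) >/dev/null 2>&1 &
    watchdog=$!
    read -r _reply || true    # returns on Enter or when the client hangs up
    kill "$watchdog" 2>/dev/null || true
}

# Only serve when invoked by tcpd with --serve; sourcing the file is inert.
if [ "${1:-}" = "--serve" ]; then
    serve "${2:-}"
fi
```

Once this is in place, the telnet lines in the netstat output should only ever appear briefly, and the auth.notice entries show which hosts still try port 23.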

