LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-30-2001, 09:34 PM   #1
nabil
Member
 
Registered: Feb 2001
Location: MI, USA
Distribution: Debian Linux 100% GNU
Posts: 210

Rep: Reputation: 31

I accidently stumbeled on something here....
I wanted to access my server via telnet from my other computer connected vi different internet interface, but I hated to turn on telnet port for security reasons of course.
What I did is actually turned it on for about 30 seconds just long enough to login to it then I went back after I loged in and executed the command #/sbin/service xinetd restart after I ran ntvsys to turn it off again....The funny thing is I am still connected via telnet but no new sessions can be open again....
Any thoughs on that...How secure is my connection afterward..Is it still unsecure as if the tellnet port was still active or else .....
 
Old 05-31-2001, 06:08 AM   #2
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
Cool

When a TCP based application is loaded the app has to register with TCP.
Servers do this when they issue a TCP passive open while your client does this with an active open.

Once registered the application "telnet" is linked with a virtual circuit to the TCP stack with a LISTEN state.
Your client sends a connection request, then the server issues a SYN-RECEIVED, once the handshake has been made the circuit is ESTABLISHED, so by downing Telnet this circuit is still active until your client issues a FIN flag and tares down the connection.

Answering your question:
It's secure as your connection is the only one allowed since it established the handshake with telnet.
Someone will need to try and spoof your IP + guess and correctly match your next random sequencer number in-order to hijack your connection, which on Linux is close to imposable. "windows now that's a different matter"

/Raz
 
Old 05-31-2001, 08:08 PM   #3
nabil
Member
 
Registered: Feb 2001
Location: MI, USA
Distribution: Debian Linux 100% GNU
Posts: 210

Original Poster
Rep: Reputation: 31
Hey thanks for the very technical explanation...good stuff!!!
Anyway it was just a thought. Of course it cannot be practical..I still need to think of a good firewall security solution for my box.
Thanks again.
 
Old 06-01-2001, 07:07 AM   #4
mcleodnine
Senior Member
 
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731

Rep: Reputation: 45
get ssh (openssh). install it and comment out the telnet/ftp/rlogin stuff outta your inetd.conf.

use ssh instead of telnet
use scp instead of ftp

more words of advice for young people. (Bill Burroughs woulda told ya the same thing)
 
Old 06-01-2001, 05:18 PM   #5
nabil
Member
 
Registered: Feb 2001
Location: MI, USA
Distribution: Debian Linux 100% GNU
Posts: 210

Original Poster
Rep: Reputation: 31
Yea, thanks. I am gonna look into that..Although my luck the version I am gonna use will have some big security hole...What else is new!

 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
An interesting thing i saw on wikipedia liquidtenmilion General 1 08-14-2004 01:04 AM
interesting? oobe Linux - General 1 04-08-2004 10:40 PM
Some thing sounds interesting satimis General 2 03-23-2004 09:45 PM
I think it maybe interesting :) nautilus_1987 General 7 09-29-2002 01:21 PM
Interesting mikeyt_3333 Linux - Security 3 11-08-2001 02:44 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration