LinuxQuestions.org
Old 12-18-2001, 10:55 PM   #1
system
Member
 
Registered: Dec 2001
Distribution: LFS, RH, Slack
Posts: 104

Rep: Reputation: 15
Is this a secure implementation of telnet?


I am using a Red Hat box as an IP Masq gateway for a local network. I have set up xinetd to allow telnet connections. I included allow_only 192.168.1.0 and bind 192.168.1.1

Will this prevent telnet access to the internet? I mean to limit telnet to only accept connections from the internal network. The internal network is physically secure so I don't worry about having telnet open there.
 
Old 12-19-2001, 12:23 AM   #2
jeremy
root
 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,553

Rep: Reputation: 4030
You may want to consider using SSH.

http://www.openssh.com
 
Old 12-19-2001, 04:32 AM   #3
Mik
Senior Member
 
Registered: Dec 2001
Location: The Netherlands
Distribution: Ubuntu
Posts: 1,316

Rep: Reputation: 47
If you are certain that your internal network is safe then that should be enough. The bind will make it only listen on the internal interface. So I think even a port scan from the outside will turn up negative, but I'm not 100% sure about that. You might want to check that. I don't remember where but I think they have websites which do a check for you at least on the known ports.
If you do check it, post the results. I'd like to know if it really does show it as a closed port. According to the man files you could have the same port do something different on each interface, so technically it should be possible to only have it open on the internal interface.
 
Old 12-19-2001, 04:34 AM   #4
Mik
Senior Member
 
Registered: Dec 2001
Location: The Netherlands
Distribution: Ubuntu
Posts: 1,316

Rep: Reputation: 47
Oh, just another thing: the allow_only should be only_from. But I assume you just made a typing error in your post.
 
Old 12-19-2001, 08:21 AM   #5
system
Member
 
Registered: Dec 2001
Distribution: LFS, RH, Slack
Posts: 104

Original Poster
Rep: Reputation: 15
Good and bad news..

Security Metrics has a port scanning service up. I did this on my Windows box connected via IP Masq through the Red Hat box. The site was able to resolve my INTERNAL network address of the Windows box! Is this a bad thing? How do I prevent it? Telnet showed closed, but NetBIOS is open! I am not sure if this is scanning my Linux box or my Windows box now.
Oh well.. telnet's ok, I just got a diff hole to patch now.
 
Old 12-19-2001, 08:38 AM   #6
system
Member
 
Registered: Dec 2001
Distribution: LFS, RH, Slack
Posts: 104

Original Poster
Rep: Reputation: 15
I stopped samba services on my Linux box and re-scanned. NetBIOS is closed now. At least I know that the NetBIOS port open on my Win98 box isn't open to the world. I'm going to try to run samba through xinetd and bind it to the internal network. That should keep it inside.
 
Old 12-19-2001, 09:37 AM   #7
Mik
Senior Member
 
Registered: Dec 2001
Location: The Netherlands
Distribution: Ubuntu
Posts: 1,316

Rep: Reputation: 47
It's not necessary to start samba with xinetd to get it to bind to a specific interface. Samba has its own settings which will do the same. Try running man smb.conf for more information on that.

But basically you should have the following things set:

bind interfaces only = yes
interfaces = eth0 eth1

You can also use ip numbers for the interfaces if you prefer to do that.
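
Added example, not part of any post in this thread: a local check on the gateway that complements the external port scan by listing TCP listeners that are not confined to the internal address (192.168.1.1 in the thread). The function names, the `ss -ltnH` input format and the sample lines (including 203.0.113.7 standing in for the external address) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag TCP listeners that are not bound only to the internal
# address. Assumed input: `ss -ltnH` lines
#   State Recv-Q Send-Q Local-Address:Port Peer-Address:Port

exposed_listeners() {
    # $1 = the only non-loopback address services are meant to be bound to
    awk -v internal="$1" '
    $1 == "LISTEN" {
        port = $4; sub(/^.*:/, "", port)       # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)    # text before the last colon
        sub(/%.*$/, "", addr)                  # drop a %interface suffix
        sub(/^\[/, "", addr); sub(/\]$/, "", addr)   # [::] -> ::

        if (addr == internal) next                    # bound as intended
        if (addr ~ /^127\./ || addr == "::1") next    # loopback only
        if (addr == "0.0.0.0" || addr == "::" || addr == "*")
            print port, addr, "all-interfaces"        # reachable on every NIC
        else
            print port, addr, "non-internal"          # bound to another address
    }'
}

# Constructed sample: telnet bound by xinetd, Samba left on the wildcard.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 192.168.1.1:23 0.0.0.0:*
LISTEN 0 50 0.0.0.0:139 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 50 203.0.113.7:445 0.0.0.0:*
EOF
}

sample_ss_output | exposed_listeners 192.168.1.1
```

On a live gateway the input would come from `ss -ltnH | exposed_listeners 192.168.1.1`. It covers TCP listeners only and does not take packet-filter rules into account.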
 
  

