SENDMAIL - How to prevent telnet into my server on port 25
Hi,
I have removed my telnet package and still people from the outside can telnet myhost.mydomain.com 25 and see my version/etc of sendmail. I thought removing my telnet package would fix this, it didnt. Does anyone know how I could prevent people from telneting in on port 25. I even have telnet disabled, but for some reason telnet on port 25 is still allowed. Thanks in advance Adam |
you've definitely set
disable = yes in the xinetd telnet file? |
Hi,
Im absolutely positive. Im using RedHat 7.1 and disabling telnet is by default. I find it very strange to have telnet disabled and yet its not really fully diabled. Thanks Adam |
|
There's the telnet server SW, which you claim to have removed; check
rpm -qa |grep -v telnetd and the telnet client SW which other people have. There's nothing you can do about that. Any service that runs in plain ascii text eg mail on port 25 can be interrogated by a remote telnet client. Good for debugging eg try telnetting to port 80 on a server that's running Apache... You may be be able to set a flag in sendmail to suppress the version num if you're paranoid, but its a minor thing in the larger picture of security. |
All times are GMT -5. The time now is 06:24 PM. |