Help - Search - Members - Calendar
Full Version: Rh Telnet Server
Linuxhelp > Support > Technical Support
Bourne_Again
I have recently installed rh7 on my old aptiva about a month ago. I knew i had to beef up my security from the defaults, so i started scanning myself and found that port 23 was up and running. I had my buddy check on it for me and sure enough i've got port 23 open to the world. Just begging for someone to get shell access. still being new to linux can you inform me how to change this and drop the telnet service, because i don't want it up for sure. And anyone thinking about "helping" me out, i've got dial up sadly so my IP changes everytime i dial up, too bad though. i thank you for your help ahead of time
Joey
Hi,

I believe Red Hat 7 used /etc/xinetd.d/ to control these types services. You should have a file called telnet in /etc/xinetd.d/

In the file you should see:


disable = no

Change this to:

disable = yes

And then run /etc/init.d/xinetd restart

You can try and telnet to localhost and see if its still open.


In case RH7 doesn't use /etc/xinetd, you might have a file called /etc/inetd

In this file there will be a line with telnet in it. Comment it out (put a # before the line) and then run:

killall -HUP inetd

And this should take care of the problem.

Additionally you can remove the telnet-server package by running the following command as root:

rpm -e telnet-server

You might also want to install a firewall on the box, you can find a few pre-made scripts on our Guides Page.

Hope this helps,
hughesjr
you also probably want to use either IPCHAINS or IPTABLES as a firewall for your RedHat box. Everything you could ever want to know about IPTABLES you can find here:

http://www.linuxguruz.com/iptables/

If your current kernel can use IPTABLES, then I would use it instead of IPCHAINS ....

to see if you can use iptables, use the command:

iptables -L

If you get some results like this:

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

then you can use IPTABLES.....

If you are not using any firewall and also not keeping up with all security updates, it will be very easy for people to compromise your system and login as root remotely ... here are just a couple examples:

Remote Root Compromises
Bourne_Again
I know i posted this a long time ago, thank you for responding. As it turns out, RH7 already uses IPchains, and i found they way to turn whichever services i want. I thank you once again for your responces.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.