Professional Web Applications Themes

Telnet not working remotely - Linux Setup, Configuration & Administration

On 12 Aug 2003 12:56:01 -0700, john bailo <jabailoearthlink.net> wrote: > > > 0. Telnet is up and running on a rh9 machine. > 1. Can telnet locally > 2. When telneting from another machine ( on the same internal network > ) the telnet client says 'Could not open a connection to host on port > 23'. > 3. The telnet client can 'ping' the IP address of the redhat machine. > > Is there some type of port blocker that needs to be configured on the > redhat machine? You are SURE that telnetd is running on the ...

  1. #1

    Default Re: Telnet not working remotely

    On 12 Aug 2003 12:56:01 -0700, john bailo <jabailoearthlink.net> wrote:
    >
    >
    > 0. Telnet is up and running on a rh9 machine.
    > 1. Can telnet locally
    > 2. When telneting from another machine ( on the same internal network
    > ) the telnet client says 'Could not open a connection to host on port
    > 23'.
    > 3. The telnet client can 'ping' the IP address of the redhat machine.
    >
    > Is there some type of port blocker that needs to be configured on the
    > redhat machine?

    You are SURE that telnetd is running on the machine you want to log in on?
    Or that inetd is configured to bring it up?


    (probably that's okay)


    You may have your firewall configured to reject packets that try to
    establish a connection. Ping doesn't do that.

    Assuming iptables, you could try iptables --list as root

    If it says this :

    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    DROP tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN


    then you can remove that block with:

    iptables -D INPUT 1

    and replace it with:

    iptables -A INPUT --protocol tcp --syn -j DROP


    Alan


    --
    For Linux/Bash users: Eliminate spam with the Mailbox-Sentry-Program.
    See: [url]http://tinyurl.com/inpd[/url] for the scripts and docs.

    Alan Connor Guest

  2. #2

    Default Re: Telnet not working remotely

    On Tue, 12 Aug 2003 20:48:18 GMT, Bit Twister <BitTwisterlocalhost.localdomain> wrote:
    >
    >
    > On 12 Aug 2003 12:56:01 -0700, john bailo wrote:
    >> 0. Telnet is up and running on a rh9 machine.
    >
    >
    > Working as designed.
    >
    >======= standard telnet inlude follows: =============
    >
    > Telnet and ftp are insecure, and are not loaded/enabled during normal installs.
    >
    > login id and password is passed as clear text and can
    > be snatched with a packet sniffer off both ends of the connection.
    >
    > Use ssh/sftp instead.
    > Be sure to get the lastest from your distribution vendor.
    >
    > If using, windoze get Putty.
    > [url]http://www.nonags.com/[/url]
    > [url]http://www.tucows.com[/url]
    >
    >
    > But if you realy want to use it:
    > man xinetd
    > Be sure to add the only_from = telnet_source_pc_ip_here
    > to the /etc/xinetd.d/telnet file in the target pc.
    >
    > man hosts.allow
    > man tcpd
    > man 5 hosts_access
    > Check the firewall
    >
    > and if all else fails, there is a very
    > large Frequently Asked Question (FAQ) search engine found at
    > [url]http://groups.google.com/advanced_group_search[/url]
    > key word(s) in the first box
    > *linux* in the Newsgroup, pick English
    >
    I have been using telnet to loginto a remote box for years without any
    problems.

    I also have been running plain old ftp and ftpd for years with out any
    problems.


    You must be talking about RH, because both are enabled in Debian by default,
    for the simple reason that they are excellent applications.

    If you are a large organization or business, then worrying about "security"
    is a good idea. But for us little guys, no need at all.

    NOT directed to the estimable Bit Twister:

    The yuppies at RH think everyone is out to get them, because THEY are out
    to get everyone.


    Alan



    Alan Connor Guest

  3. #3

    Default Re: Telnet not working remotely

    On Tue, 12 Aug 2003 22:54:05 GMT, Alan Connor wrote:
    >
    > If you are a large organization or business, then worrying about "security"
    > is a good idea. But for us little guys, no need at all.
    Yeah, worst case, blackhat crack a box and use it to store child
    ography. Cracked box owner get free room and board for a few
    years at the barbed wire hotel.

    Checking ftp attempts yesterday shows
    grep DPT=21 /var/log/messages | grep "Aug 11" | wc -l
    2
    Slow day today, W32/Blaster worm must be keeping script kiddies busy.
    Bit Twister Guest

  4. #4

    Default Re: Telnet not working remotely

    On Tue, 12 Aug 2003 23:45:46 GMT, Bit Twister <BitTwisterlocalhost.localdomain> wrote:
    >
    >
    > On Tue, 12 Aug 2003 22:54:05 GMT, Alan Connor wrote:
    >>
    >> If you are a large organization or business, then worrying about "security"
    >> is a good idea. But for us little guys, no need at all.
    >
    > Yeah, worst case, blackhat crack a box and use it to store child
    > ography. Cracked box owner get free room and board for a few
    > years at the barbed wire hotel.
    >
    > Checking ftp attempts yesterday shows
    > grep DPT=21 /var/log/messages | grep "Aug 11" | wc -l
    > 2
    > Slow day today, W32/Blaster worm must be keeping script kiddies busy.
    So you don't allow anonymous logins. That pretty much takes care of it, no?


    Alan

    --
    For Linux/Bash users: Eliminate spam with the Mailbox-Sentry-Program.
    See: [url]http://tinyurl.com/inpd[/url] for the scripts and docs.

    Alan Connor Guest

  5. #5

    Default Re: Telnet not working remotely

    On Wed, 13 Aug 2003 01:17:26 GMT, Alan Connor wrote:
    >
    > So you don't allow anonymous logins. That pretty much takes care of it, no?
    Duh, have we already forgotten id/passwords can be sniffed off of either
    end of the telnet/ftp connection because they are passed as clear text.


    If the newbie has a hard time getting telnet to work, I have less
    confidence about his security setup.

    But, that is what is nice about *nix, you want to play Russian
    Roulette with an automatic, go for it.

    Bit Twister Guest

  6. #6

    Default Re: Telnet not working remotely

    Alan Connor wrote:
    > On Wed, 13 Aug 2003 01:45:08 GMT, Bit Twister <BitTwisterlocalhost.localdomain> wrote:
    >
    >>
    >>On Wed, 13 Aug 2003 01:17:26 GMT, Alan Connor wrote:
    >>
    >>>So you don't allow anonymous logins. That pretty much takes care of it, no?
    >>
    >>Duh, have we already forgotten id/passwords can be sniffed off of either
    >>end of the telnet/ftp connection because they are passed as clear text.
    >>
    >
    >
    > Duh, you can't sniff anything if you aren't on the network in question.
    Except that a lot of poorly configured routers and switches with the
    default passwords never having been altered are being leveraged to sniff
    packets, in particular packets that contain or are immediately after
    packets containing the string "password". This is particularly a problem
    in university computing, since most universities turn a blind eye to
    such behavior.

    Nico Kadel-Garcia Guest

  7. #7

    Default Re: Telnet not working remotely

    On Wed, 13 Aug 2003 02:53:16 GMT, Alan Connor wrote:
    >>
    >
    > Duh, you can't sniff anything if you aren't on the network in question.
    Well duuuh, nobody, but nobody said anything to indicate that.
    Seems you did not understand "both ends of the connection".
    >
    > Like I said, been using telnet and ftp, client and server, since I first
    > used Linux. So have millions of others. The fact that there are so many
    > ftp servers out there, with their IP addresses available on google, that
    > allow anonymous logins, ought to tell an intelligent person something.
    Yeah, millions of people do not have car accidents either. Wonderful
    logic there.
    >
    > I'm not, and I'm not going to be.
    Nobody told you to be paranoid.

    > You can be what you want. But my experience is that the people who go on
    > and on about security are the ones that you have to watch.
    > They are projecting and giving themselves away.

    Some more of that wonderful logic there.

    Using google with *linux* in the news group box
    and in the first box

    help my box cracked
    Results 1 - 10 of about 641. Search took 3.18 seconds

    help my box hacked
    Results 1 - 10 of about 1,730. Search took 3.57 seconds.

    Yes lots of the hits are because of replies. I guess it must
    be viruses. :(
    Bit Twister Guest

  8. #8

    Default Re: Telnet not working remotely

    Alan Connor wrote:
    > You must be talking about RH, because both are enabled in Debian by default,
    > for the simple reason that they are excellent applications.
    SINCE WHEN? Debian 2.2 and 3.0 (those that I have real experience of) have
    telnetd in the *extra*-section and sshd in *standard*-section.

    Do you happen to know why ssh was originally developed? Because the lab
    servers at Helsinki University of Technology got their roots sniffed. Fed up
    with that, a researcher (a docent IIRC) developed SSH.

    IMHO ftpd is harder to configure that sshd.

    -Timo

    --
    Timo Voipio | Helsinki, Finland | ICBM at: 60 11.800 N 024 52.760 E
    GeekCode ver 3: GU>CC d s-: a--- C++ UL(+)$>+++$ P+>+++ L++(+) E- W++ N++
    o? K? w O M- V- PS PE Y+ PGP+ t 5++ X R tv- b++(++++) DI+ D G e- h! r !y
    Remove +newsharvested to e-mail me | Poista +newsharvested jos meilaat

    Timo Voipio Guest

  9. Moderated Post

    Default Re: Telnet not working remotely

    Removed by Administrator
    john bailo Guest
    Moderated Post

  10. Moderated Post

    Default Re: Telnet not working remotely

    Removed by Administrator
    john bailo Guest
    Moderated Post

Similar Threads

  1. Connect to FMS remotely
    By s340gi in forum Macromedia Flash Flashcom
    Replies: 2
    Last Post: September 29th, 09:49 PM
  2. How do you telnet from 1 host to another using Telnet Module
    By mark1.thompson45@btinternet.com in forum PERL Modules
    Replies: 5
    Last Post: December 30th, 10:13 PM
  3. Net::Telnet not working with perl 5.8.5
    By Kiran Kumar Gahlot in forum PERL Modules
    Replies: 1
    Last Post: November 24th, 09:21 AM
  4. net::telnet to ms telnet server
    By jm in forum PERL Modules
    Replies: 0
    Last Post: May 18th, 11:28 PM
  5. Net::Telnet problem with MS Telnet Service
    By texbmex in forum PERL Modules
    Replies: 2
    Last Post: June 24th, 04:52 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139