Blocking connections from telnet
Rick Stevens
rstevens at vitalstream.com
Wed Mar 10 17:39:16 UTC 2004
Ajai Khattri wrote:
> On Wed, 10 Mar 2004, Kligh Darsono wrote:
>
>
>>Does it work on RH 6.2 ???
>
>
> Does 6.2 have xinetd? I don't remember it having xinetd...

No, it doesn't. It has good, ol' inetd.

Kligh, edit the /etc/inetd.conf file and find the line that reads

    telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd

Change that to read

    telnet stream tcp nowait.1 root /usr/sbin/tcpd in.telnetd

and then "/etc/rc.d/init.d/inetd restart" to force inetd to restart.
That will only allow your system to have one telnet session started
every 60 seconds.

See "man inetd" for details about "wait/nowait[.max]".

And I can't stress it enough...DON'T USE TELNET if you are exposed to
the internet in ANY way. Install and use ssh instead. telnet is the
biggest security hole there ever was (bigger than IIS and Outlook even,
and that's saying a LOT!)

----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Never put off 'til tomorrow what you can forget altogether! -
----------------------------------------------------------------------
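
Added example, not part of the original message: a small audit script that lists every enabled entry in an inetd.conf-style file together with its wait/nowait[.max] field, and marks the telnet entry as a cleartext login service. The function names and the sample file contents are constructed for illustration; point audit_inetd at /etc/inetd.conf on a real host.

```sh
#!/bin/sh
# Audit enabled inetd services and their wait/nowait[.max] setting.
# inetd.conf fields:
#   service socket-type protocol wait/nowait[.max] user server-program args

audit_inetd() {
    # $1: path to an inetd.conf-style file
    awk '
        /^[ \t]*(#|$)/ { next }     # skip comments and blank lines
        NF < 6         { next }     # not a complete service entry
        {
            n = split($4, parts, ".")
            max = (n == 2) ? parts[2] : "unset"
            note = ($1 == "telnet") ? " cleartext-login" : ""
            printf "%s %s max=%s%s\n", $1, parts[1], max, note
        }
    ' "$1"
}

write_sample() {
    # $1: output path. Constructed sample, not taken from a real system.
    cat > "$1" <<'EOF'
# constructed sample inetd.conf
ftp     stream  tcp  nowait    root  /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait.1  root  /usr/sbin/tcpd  in.telnetd
#shell  stream  tcp  nowait    root  /usr/sbin/tcpd  in.rshd
time    dgram   udp  wait      root  internal
EOF
}

# Demo run against the constructed sample.
tmp=$(mktemp)
write_sample "$tmp"
audit_inetd "$tmp"
rm -f "$tmp"
```

Entries reported with max=unset carry no explicit limit in the file; commented-out services such as the shell line in the sample are not listed.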