Yes, but remember that just changing the port is very weak security that any
portscanner will be able to find:
Start - Settings - Control Panel - Administrative Tools - Telnet Server
Administrator:
Microsoft (R) Windows 2000 (TM) (Build 2195)
Telnet Server Admin (Build 5.00.99201.1)
Select one of the following options:
0) Quit this application
1) List the current users
2) Terminate a user session ...
3) Display / change registry settings ...
4) Start the service
5) Stop the service
Type an option number [0 - 5] to select that option: 3
Select one of the following options:
0) Exit this menu
1) AllowTrustedDomain
2) AltKeyMapping
3) DefaultDomain
4) DefaultShell
5) LoginScript
6) MaxFailedLogins
7) NTLM
8) TelnetPort
Type an option number [0 - 8] to select that option: 8
Current value of TelnetPort = 23
Do you want to change this value ? [y/n]
--
Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/
""Fred Danson"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Thanks for the info,
>
> Does the telnet client that is built into Windows2000 Professional allow
> changing of the destination port? Could I just click start --> Run and
type
> in telnet 63.1.1.1 :24 ??
>
> Thanks in Advance,
> Fred
>
>
> >From: Carroll Kong
> >To: "Fred Danson"
> >CC: [EMAIL PROTECTED]
> >Subject: Re: Can you change Telnet's well known port? [7:717]
> >Date: Sun, 15 Apr 2001 13:26:34 -0500
> >
> >At 01:32 PM 4/15/01 -0400, Fred Danson wrote:
> >> >Anyway, here is what you could do
> >> > Public Private
> >> >63.1.1.1 :23 192.168.1.23 :23
> >> >63.1.1.1 :24 192.168.1.24 :23
> >> >63.1.1.1 :25 192.168.1.25 :23
> >> >63.1.1.1 :26 192.168.1.26 :23
> >>
> >>I wasn't aware that it is possible to manipulate the port used to
telnet.
> >>So
> >>using your example above, I would telnet to device 1 using the outside
> >>destination port of 23, telnet to device 2 using the outside destination
> >>port of 24, telnet to device 3 using the outside destination port of 25?
> >>Is
> >>it possible to do this? Would telnet work with ports other than 23?
Could
> >>anyone clarify this please?
> >>
> >>Thanks for the help,
> >>Fred
> >
> >Absolutely. They are just daemons using a socket library. They can bind
> >to any port they want and you can get the same result. As long as the
> >client connects to the write server listening port, they do not care.
The
> >main reason why they initially set it up so that certain ports belong to
> >certain services is to avoid confusion on the clients. So client
software
> >can be written to always connect to the 'well-known' port as opposed to
> >some random port. Any well written client can choose which port to
connect
> >to, and if not specified, they default to the well known port.
> >
> >telnet 63.1.1.1 26
> >that would work for most telnet clients.
> >
> >However, this is not the case up here. In this case, even more the
reason
> >why it would work.
> >
> >Specifically here though, we are just redirecting from the external
ip:port
> >to some internal ip:port. We are still communicating with an inside host
> >at port 23 (well known telnet port). All they are doing up there is
> >remapping from external ip:port to internal ip:port. However, always
> >remember, a daemon can bind to any port they want. You can tell your
unix
> >telnetd to bind to port 3922 or some other port.
> >
> >I suppose it is some feeble form of security, but since a good
portscanner
> >will find your "hidden" daemon anyway, I would not try to use this as a
> >form of security. (i.e., putting listening ports on say 6073).
> >
> >-Carroll Kong
> >
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=725&t=717
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
