Hello Pieter!!
To disable telnet, I guess you only need to comment the line that starts
with "telnet" in the /etc/inetd.conf file. After that, you'll need to
restart inetd, so your changes will take affect. You should also disable
all other services that you don't need, like ftp, finger, etc..
To see what ports your server is listening to, run an utility called "port
scan". It will tell you everything.
Here's a couple of places where you can download a portscan:
http://www.ameth.org/~veilleux/portscan.html
http://www.insecure.org/nmap/index.html
PS: Be carefull not to portscan remote hosts. Since this can be detected,
they might think you're up to something. ;-)
I've never used ipfwadm, but I do use ipchains, and I am a very happy person.
Good luck!!!
Henrique Pantarotto
Sao Paulo - Brasil
At 15:08 15/02/99 +0200, Pieter Claassen wrote:
>Just two questions please:
>1. How do I civilly disable telnet login to a machine. We are running ssh
>and I don't want the telnet deamon to start.
>
>2. We are fedup with ipfwadm. As soon as we enable ipfwadm -I -p -deny and
>only allow the specified ports to be open, then we get no traffic.
>
>What is ironic is that http will get forwarded (masqueraded) to the subnet,
>but the gateway machine cannot see any protocol|any port. I know that
>ipfwadm pulls masqueraded packets away before the forwarding filter. What
>about the input filter.
>
>Is there any way that I can test what services are running on what ports
>(ie. if some of the services on the machine was started with non
>/etc/services port no.'s)
>
>Question, is this possibly an ipfwadm problem and will it disappear if we go
>to ipchains?
>
>Is anybody running anything else that is ok?
>
>Thanks,
>Pieter
>
>__.__._--_-_--_.__.._.__--_-_---_--
>Pieter Claassen
>www.kryptoplus.co.za
>Tel: (021) 448-4326/7 Fax: (021) 448-4185
>.._-__-_--_-__-_-->__.>.>.__._-_-_
>
>-
>To unsubscribe from this list: send the line "unsubscribe linux-net" in
>the body of a message to [EMAIL PROTECTED]
Henrique Pantarotto
Coord. T�cnico Operacional
CEPAnet Internet Provider
Web: http://www.cepa.com.br
Tel. suporte: (011) 5506-8477
Sao Paulo - Brasil
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
