[Sunhelp] Telnet service port
Reagen Ward
ward at zilla.nu
Wed Oct 4 17:32:46 CDT 2000
Hmmn. I've always just turned telnet off in /etc/inetd, as the services file
is supposed to be a canonical listing of ports/services. If you want telnet at
a higher port, just add telnet-high port 9900 or whatever in services and do
something to /etc/inetd.conf to match.
That's a much more proper way of doing it.
On Wed, Oct 04, 2000 at 05:45:21PM -0400, David Rouse wrote:
> tcp_wrappers to control port 23 so people can't telnet in, then just run the
> telnet daemon on the high port as well. It is difficult to see how this
> helps security, however. I'd just leave telnet at 23 and use tcp_wrappers to
> control access. Some would say running shh would be even better.
>
> --
> drouse
>
>
> on 10/4/00 1:26 PM, Kevin Stevens at Kevin_Stevens at Bigfoot.com wrote:
>
> > I have changed the telnet port in my services file from the default 23 to
> > a high numbered port, as an added intrusion detection/prevention
> > measure. (I log connections to high ports differently.) This is fine
> > when telnetting into the box; however, it is annoying when telneting FROM
> > this particular box to have to remember to change the port back to
> > 23. The alternatives that are obvious to me are:
> >
> > - Change the services file back to 23. (not desirable)
> >
> > - Write a shell script wrapper for the telnet app which defaults it back
> > to 23 when run from the console. (ok but kind of clunky)
> >
> > - Live with it. (status quo)
> >
> > Any more elegant solutions to have incoming telnet at a high port while
> > outgoing remains at 23?
> >
> > KeS
> >
> > _______________________________________________
> > SunHELP maillist - SunHELP at sunhelp.org
> > http://www.sunhelp.org/mailman/listinfo/sunhelp
>
>
> _______________________________________________
> SunHELP maillist - SunHELP at sunhelp.org
> http://www.sunhelp.org/mailman/listinfo/sunhelp
More information about the SunHELP
mailing list