Subject: Re: Telnet to open ports
From: Bacil D. Warren, Lead Programmer (quixotic_raindrop_sw@mac.com)
Date: Sat Sep 29 2001 - 10:50:42 MDT
on 9/29/01 9:14 AM, Brian Watson <bcwatso1@uiuc.edu> is purported to have
said:
> I tried following the example on that site, but I just blocked out
> the service completely. I have xinetd services in a separate
> directory, but I have disabled all of the ones that I don't use,
> including telnet. However, people can still telnet into the services
> I have open, like pop3 and smtp.
Keep in mind that what is happening is that xinetd is listening to ports
(say, pop3, which is normally port 110), and then starting handlers when it
receives requests on those ports. How a user connects to port 110 on your
box isn't something that xinetd can tell (it can't tell you whether the
remote user connected to port 110 via telnet, a Perl script, an expect
script, or using a pop mail client).
The documentation for xinetd (look at www.stepwise.com for a pretty good
tutorial) does talk about ways to limit each services to a given range of
addresses (both via allow and deny, IIRC).
-- Bacil D. Warren, CNA Lead Programmer, CEO Quixotic Raindrop Software quixotic_raindrop_sw@mac.com
This archive was generated by hypermail 2a24 : Sat Sep 29 2001 - 10:00:34 MDT