Thanks for the info,
Does the telnet client that is built into Windows2000 Professional allow
changing of the destination port? Could I just click start --> Run and type
in telnet 63.1.1.1 :24 ??
Thanks in Advance,
Fred
>From: Carroll Kong
>To: "Fred Danson"
>CC: [EMAIL PROTECTED]
>Subject: Re: Can you change Telnet's well known port? [7:717]
>Date: Sun, 15 Apr 2001 13:26:34 -0500
>
>At 01:32 PM 4/15/01 -0400, Fred Danson wrote:
>> >Anyway, here is what you could do
>> > Public Private
>> >63.1.1.1 :23 192.168.1.23 :23
>> >63.1.1.1 :24 192.168.1.24 :23
>> >63.1.1.1 :25 192.168.1.25 :23
>> >63.1.1.1 :26 192.168.1.26 :23
>>
>>I wasn't aware that it is possible to manipulate the port used to telnet.
>>So
>>using your example above, I would telnet to device 1 using the outside
>>destination port of 23, telnet to device 2 using the outside destination
>>port of 24, telnet to device 3 using the outside destination port of 25?
>>Is
>>it possible to do this? Would telnet work with ports other than 23? Could
>>anyone clarify this please?
>>
>>Thanks for the help,
>>Fred
>
>Absolutely. They are just daemons using a socket library. They can bind
>to any port they want and you can get the same result. As long as the
>client connects to the write server listening port, they do not care. The
>main reason why they initially set it up so that certain ports belong to
>certain services is to avoid confusion on the clients. So client software
>can be written to always connect to the 'well-known' port as opposed to
>some random port. Any well written client can choose which port to connect
>to, and if not specified, they default to the well known port.
>
>telnet 63.1.1.1 26
>that would work for most telnet clients.
>
>However, this is not the case up here. In this case, even more the reason
>why it would work.
>
>Specifically here though, we are just redirecting from the external ip:port
>to some internal ip:port. We are still communicating with an inside host
>at port 23 (well known telnet port). All they are doing up there is
>remapping from external ip:port to internal ip:port. However, always
>remember, a daemon can bind to any port they want. You can tell your unix
>telnetd to bind to port 3922 or some other port.
>
>I suppose it is some feeble form of security, but since a good portscanner
>will find your "hidden" daemon anyway, I would not try to use this as a
>form of security. (i.e., putting listening ports on say 6073).
>
>-Carroll Kong
>
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=723&t=717
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
