As I mentioned, then dump telnet and use SSH. If this system is connected to the Internet, then there's absolutely _no_ reason to be using telnet.
Use ipchains/iptables to limit access from the Internet. Read this presentation by Harold Pritchett, "Securing your Linux System for the Internet" at file://d:/webpages/linuxvm.org/present/SHARE98/S985512a.pdf Mark Post -----Original Message----- From: Kharnas, Simon [mailto:[EMAIL PROTECTED] Sent: Thursday, March 20, 2003 4:16 PM To: [EMAIL PROTECTED] Subject: Re: What is the best way to limit Linux Telnet access to /localho st o nly Hello, Mark. I am trying to limit the telnet logon from the outside world. I thought that DENY and ALLOW files can limit that access, so that the outside (i.e. Internet users) would not be able to logon to the server on a regular basis. I still would like to allow the local users to access the host via telnet. Simon Kharnas TIAA/CREF -----Original Message----- From: Post, Mark K [mailto:[EMAIL PROTECTED] Sent: Thursday, March 20, 2003 3:04 PM To: [EMAIL PROTECTED] Subject: Re: What is the best way to limit Linux Telnet access to /localho st o nly Simon, Do you have /etc/inetd.conf set up to use TCP Wrappers with telnetd? If so, what did you put in your /etc/hosts.allow and /etc/hosts.deny files? Why would you want to allow people already logged on to the system to telnet into the system again? And deny allow people not already logged on telnet access? What are you really trying to accomplish? Have you considering completely scrapping telnet and using SSH instead? See recent threads about why telnet should not be used for any reason, any time. Mark Post -----Original Message----- From: Kharnas, Simon [mailto:[EMAIL PROTECTED] Sent: Thursday, March 20, 2003 9:58 AM To: [EMAIL PROTECTED] Subject: What is the best way to limit Linux Telnet access to /localhost o nly I tried to play with the ALLOW and DENY files, but noticed that this doesn't prevent users from Telnetting in ... Am I missing something else? Simon Kharnas TIAA/CREF ********************************************************************** This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies. You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. TIAA-CREF **********************************************************************
