DBP Network Administrator wrote:
> Hi.
>
> It seems that I can telnet every listening port in
> my RedHat 6.2 box.
yes because telnet can be use as tcp socket connection for a given tcp port.
> Whenever I telnet a port, say 113,
> I get a ^] prompt and typing that will get me to the
> telnet> prompt. Is there any known security issues
> regarding that ?
yes there is.
> If there are, how would I know if
> somebody telnet to my ports ?
for well known ports, it will goes thru syslogd. if you want everything, install ip
logging and define your own rules
> What stats or logs
> would give me those information ?
the date, time and the source ip address
> I tried to use ipchains
> to block the source port but it seems that the port is
> not permanent coz when I tried to block 0-10000, it didn't
> connect at first but later it did.
dont block the source port but block the destination ip address and its port number
which is your server's ip address and port number.
fooler.
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
