From owner-freebsd-security Wed Oct 24 23:28:16 2001 Delivered-To: freebsd-security@freebsd.org Received: from science.slc.edu (Science.SLC.Edu [198.83.6.248]) by hub.freebsd.org (Postfix) with ESMTP id B599E37B406 for ; Wed, 24 Oct 2001 23:27:53 -0700 (PDT) Received: (from aschneid@localhost) by science.slc.edu (8.11.0/8.11.0) id f9P6Qke02055; Thu, 25 Oct 2001 02:26:46 -0400 (EDT) (envelope-from aschneid) Date: Thu, 25 Oct 2001 02:26:46 -0400 From: Anthony Schneider To: Purwa Riadi Cc: freebsd-security@freebsd.org Subject: Re: telnet limitation Message-ID: <20011025022646.A2029@mail.slc.edu> References: <20011023081729.A10955@warsaw.scl.ameslab.gov> <007c01c15c6b$5a861fc0$ab5b96ca@padjajaran> <000701c15c6c$5271d620$0900000a@web.cc> <00c601c15d13$8dd17200$ab5b96ca@padjajaran> <20011025011938.A1299@mail.slc.edu> <00dd01c15d1d$f5b55120$ab5b96ca@padjajaran> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <00dd01c15d1d$f5b55120$ab5b96ca@padjajaran>; from purwa@progs4wealth.com on Thu, Oct 25, 2001 at 01:26:13PM +0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm not sure how to go about logging connections to telnetd. Perhaps someone else here knows. -Anthony. On Thu, Oct 25, 2001 at 01:26:13PM +0700, Purwa Riadi wrote: > Dear Anthony, > > Thanks for your advice, and now the rules is working in my machine. telnetd > is the key that make setting true.... > Also,can I ask again :-) > Where is the location of log file telnet? So, I can know who try to telnet > to my machine. > > thx & rgds > > Purwa > > > > ----- Original Message ----- > From: "Anthony Schneider" > To: "Purwa Riadi" > Cc: "David" ; > Sent: Thursday, October 25, 2001 12:19 PM > Subject: Re: telnet limitation > > > > I believe that the hosts.deny file is deprecated, and that rtules should > now be > > specified in /etc/hosts.allow. This is a 3.3-RELEASE box we're talking > about, > > which I'm not too sure of, but you can specify IP addresses which can > access > > telnet on your host by specifying rules in your /etc/hosts.allow file such > as: > > > > ALL : 127.0.0.1 : allow > > telnetd : 202.169.35.125 : allow > > ALL : ALL : deny > > > > What this effectively does is allow all connections from localhost to > localhost > > for any service, and deny everything for every host except for > 202.159.35.125 > > accessing telnetd. > > -Anthony. > > > > On Thu, Oct 25, 2001 at 12:11:36PM +0700, Purwa Riadi wrote: > > > > > > I was try to set the hosts.deny and hosts.allow like below > > > > > > #more /etc/hosts.allow > > > ALL: 127.0.0.1 localhost > > > ALL: 202.159.35.125 > > > ALL: 202.159.35.126 > > > > > > # more /etc/hosts.deny > > > ALL: ALL > > > > > > But, I can still telnet from all of host in my network. The rules in > both of > > > file didn't give impact at all for my machine(3.3-RELEASE FreeBSD > > > 3.3-RELEASE). > > > What should I do now....? > > > > > > Also, if I wanna upgrade the server to 4.3-Release...Is it save way for > may > > > data and setting like natd setting? > > > > > > Thx and regards > > > > > > Purwa R > > > > > > > > > ----- Original Message ----- > > > From: "David" > > > To: "Purwa Riadi" ; > > > > Sent: Wednesday, October 24, 2001 4:14 PM > > > Subject: Re: telnet limitation > > > > > > > > > > hi, > > > > > > > > try using tcp wrappers.. it is build into FreeBSD. > > > > look at hosts.allow > > > > > > > > ----- Original Message ----- > > > > From: "Purwa Riadi" > > > > To: > > > > Sent: Wednesday, October 24, 2001 5:07 PM > > > > Subject: telnet limitation > > > > > > > > > > > > > Dear FreeBSDer, > > > > > > > > > > If I wanna give rules in my server, therefore just certain IP that > can > > > > > telnet to my server, whats scripts that should I change and > configure? > > > > > Anyone can explain to me? > > > > > > > > > > > > > > > thx & regards > > > > > > > > > > Purwa > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message