Date: Sun, 21 Sep 1997 21:34:09 -0700 (PDT) From: Doug White <dwhite@gdi.uoregon.edu> To: Arthur Alacar <art@pili.adn.edu.ph> Cc: questions@FreeBSD.ORG Subject: Re: telnet restriction. Message-ID: <Pine.BSF.3.96.970921213245.4716T-100000@gdi.uoregon.edu> In-Reply-To: <Pine.BSF.3.95q.970920190303.1247A-100000@pili.adn.edu.ph>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 20 Sep 1997, Arthur Alacar wrote: > > So you want to keep people from telnetting to ports other than the > > standard telnet port, 23? > > > > You might be able to do it with tcp_wrappers, write a script that strips > > off the final argument, or modify the telnet source to hardware the > > destination port. > > modify telnet source?.. well.. it could simply be done....as a matter of > fact.. i have changed the permission for this telnet command... but > unfortunately we have this some 'brilliant' users... who happened to get a > copy of this telnet file (saving it on his home dir) and used it..... so > this mechanism failed. Yuck. You'd have to restrict this further back, using ipfw I guess. This probably means that you have to approve uses of ports to release the filtering. That is a royal pain, virtually immobilizing possibly legitimate user programs. I'm curious to know what precipitated this need. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major Spam routed to /dev/null by Procmail | Death to Cyberpromo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970921213245.4716T-100000>