Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 16 Oct 1998 23:42:20 -0500 (CDT)
From:      "Yong S. Yi" <ysyi@async.org>
To:        ace24 <ace24@gmx.net>
Cc:        VEGA <vega@d132-h017.rh.rit.edu>, kyky_2000@yahoo.com, questions@FreeBSD.ORG
Subject:   Re: Re[2]: I lost the second CD of FreeBSD 2.2.7
Message-ID:  <Pine.LNX.3.96.981016233418.29348B-100000@azazel.async.org>
In-Reply-To: <13740.981016@gmx.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Fri, 16 Oct 1998, ace24 wrote:

>Date: Fri, 16 Oct 1998 17:46:18 +0200
>From: ace24 <ace24@gmx.net>
>To: VEGA <vega@d132-h017.rh.rit.edu>
>Cc: kyky_2000@yahoo.com, questions@FreeBSD.ORG
>Subject: Re[2]: I lost the second CD of FreeBSD 2.2.7
>
>Friday, 16 October 1998, Vega wrote:
>
>> On Thu, 15 Oct 1998, Kyky Effe wrote:
>
>>> how do I disable telnet from all users accept couple special users.
>>
>> i dont think you can disable it for everyone except certain users,
>> although you can change the default telnet port (which i personally have
>> never done, so i cant tell ya how)

Ever hear of "security through obscurity"? Whatever your reason (for
wanting to "disable telnet"), I do not recommend changing the "default
telnet port" (which would be, of course, 23), at all. If someone were to
want to find out the port number, they could simply do a portscan, and
your "secret" is revealed. Not very good.

>Dont give em shells, ie: change /usr/local/bin/bash to /etc/false or
>something, which could be a small script like this:
>echo "You do not have shell access please mail admin@yourdomain.com for
>more info" 
>(dont forgot to add the fake shell to /etc/shells)

That'll work, except the fact that you failed to mention "#!/bin/sh" (or
similar) as the first line of the script. And why /etc? (Are we doing it
The Solaris Way?) Let's not forget that the nice FreeBSD folks
conveniently placed a script similar to that in /sbin/nologin. 

>- Ace24 (ace24@gmx.net)
>Admin at lucian.net and twistedminds.com
>Member of The Warlords (www.warlords.net)
>public pgp key available, send a mail to ace24@gmx.net with "PGP KEY
>REQUEST" (no quotes) in the subject line. 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.96.981016233418.29348B-100000>