From owner-freebsd-questions Thu Jan 16 19:39:52 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id TAA07113 for questions-outgoing; Thu, 16 Jan 1997 19:39:52 -0800 (PST) Received: from tulpi.interconnect.com.au (root@tulpi.interconnect.com.au [192.189.54.18]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id TAA07105 for ; Thu, 16 Jan 1997 19:39:48 -0800 (PST) Received: (from ahill@localhost) by tulpi.interconnect.com.au id OAA16256 (8.7.6/IDA-1.6); Fri, 17 Jan 1997 14:39:30 +1100 (EST) Date: Fri, 17 Jan 1997 14:39:29 +1100 (EST) From: Anthony Hill To: Nick Liu cc: questions@freebsd.org Subject: Re: How to restrict users from telneting in? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Wed, 15 Jan 1997, Nick Liu wrote: > > I'd like to restrict users from telneting into my server. Is there anyway > in doing that? > > I think I've seen the discussion some where, but I couldn't remember the > place. > > If you know, please cc me. If you dont want ANYONE to telnet into your system then you should comment the telnet line out of /etc/inetd.conf, then restart the inet process will a 'kill -HUP "the inetd process id"'. If you still want people on your local network to be able to telnet in, the two traditional methods have been to use tcpwrappers, or a filter package. Tcpwappers seems to be declining in popularity these days, and I would recommend a filter package - specificaly IPfilter, although ipfw seems popular too. You may also want to look at ssh (secure shell) which amongst other things replaces the functionality of telnet with an public/private key encrypted session. (very cool, and quite popular.)