Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

How to block FTP ,SMTP,Telnet services?

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers How to block FTP ,SMTP,Telnet services?
# 1  
Old 09-08-2010
How to block FTP ,SMTP,Telnet services?
My distribution details.
Code:
# lsb_release -a
LSB Version:    :core-3.1-ia32:core-3.1-noarch:graphics-3.1-ia32:graphics-3.1-noarch
Distributor ID: EnterpriseEnterpriseServer
Description:    Enterprise Linux Enterprise Linux Server release 5.2 (Carthage)
Release:        5.2
Codename:       Carthage

Code:
# uname -a
Linux TomcatServer 2.6.18-92.el5 #1 SMP Fri May 23 22:17:30 EDT 2008 i686 i686 i386 GNU/Linux

I would also like to know if i can disable the service instead of blocking the port.

I m reffering to following link which explain how to disable the service.
Hardening Linux Servers - Forums
Quote:
1. To disable Telnet, you must edit the /etc/xinetd.d/telnet file. Open the Telnet file, using vi or an editor of your choice.
2. Comment out the service telnet line by adding a number sign (#) before service telnet: #service telnet
3. Write and quit the file.
I m not able to get telnet file under /etc/xinetd.d/

So i m stuck please help.
# 2  
Old 09-08-2010
Not knowing your distribution, you can still be using inetd instead of xinetd. So maybe have a look if there is a /etc/inetd.conf and comment it out. It could also been started as standalone demon, not being called by a super demon like inetd or xinetd. In that case (I doubt it) it could be started somewhere in /etc/rc.d/rc.<n>.

You can check what super demon you are currently using if you just issue a
Code:
ps -ef| grep inetd

and you will notice which of both you are using.

When commenting anything out in either config, don't forget to refresh/restart the super demon.

If you are definetly using xinetd and there is no config file containing a stanza for telnet below /etc/xinetd.d, then you might just not using telnet. Did you just try to connect with a telnet client to your server and check what happens?
# 3  
Old 09-08-2010
Quote:
Originally Posted by zaxxon
Not knowing your distribution, you can still be using inetd instead of xinetd. So maybe have a look if there is a /etc/inetd.conf and comment it out. It could also been started as standalone demon, not being called by a super demon like inetd or xinetd. In that case (I doubt it) it could be started somewhere in /etc/rc.d/rc.<n>.

You can check what super demon you are currently using if you just issue a
Code:
ps -ef| grep inetd

and you will notice which of both you are using.

When commenting anything out in either config, don't forget to refresh/restart the super demon.

If you are definetly using xinetd and there is no config file containing a stanza for telnet below /etc/xinetd.d, then you might just not using telnet. Did you just try to connect with a telnet client to your server and check what happens?
Code:
# ps -ef| grep inetd
root      4523     1  0 16:28 ?        00:00:00 xinetd -stayalive -pidfile /var/run/xinetd.pid

Being a new user to linux i m finding it very difficult to understand what do you mean by "So maybe have a look if there is a /etc/inetd.conf and comment it out."

I guess in my case i dont want to comment it out as i m having xinetd configured in my system thanks to "ps -ef| grep inetd" command given by you.
Can any one please help me out by telling what should i do to block following services respectively.
1)Telnet
2)FTP
3)SMTP
Please dont suggest blocking the port.
# 4  
Old 09-08-2010
Quote:
I guess in my case i dont want to comment it out as i m having xinetd configured in my system thanks to "ps -ef| grep inetd" command given by you.
Ok, then no need to worry what I wrote about inetd.

It could simply be the case, that your xinetd is just not configured for telnet and ftp.
Type in
Code:
find /etc -name "xinetd*"

and post the output please.

Also do following to make sure:
Type in from the same box or another PC, server, whatever (even Windows) at some command line:
Code:
telnet <ip-address or hostname of host to be hardened>
ftp <ip-address or hostname of host to be hardened>

If you get no login prompt but an error message for telnet as well as for ftp, we don't have to investigate further.

For smtp, we have to checkout what message transfer agent (MTA) you are using. Type in following:
Code:
ps -ef| grep -iE "sendmail|postfix|exim|courier|james|lotus|qmail|xmail|postmaster"

And post the output please.
This User Gave Thanks to zaxxon For This Post:
pinga123
# 5  
Old 09-08-2010
Quote:
Ok, then no need to worry what I wrote about inetd.

It could simply be the case, that your xinetd is just not configured for telnet and ftp.
Type in
Code:
find /etc -name "xinetd*"

and post the output please.
Code:
# find /etc -name "xinetd*"
/etc/xinetd.d
/etc/rc.d/init.d/xinetd
/etc/xinetd.conf
/etc/sysconfig/xinetd


Quote:
Also do following to make sure:
Type in from the same box or another PC, server, whatever (even Windows) at some command line:
Code:
telnet <ip-address or hostname of host to be hardened>
ftp <ip-address or hostname of host to be hardened>

If you get no login prompt but an error message for telnet as well as for ftp, we don't have to investigate further.
Code:
# telnet localhost
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused

I guess its not running on my machine any way i m able to ssh to the server.How would i block ssh then?

Quote:
For smtp, we have to checkout what message transfer agent (MTA) you are using. Type in following:
Code:
ps -ef| grep -iE "sendmail|postfix|exim|courier|james|lotus|qmail|xmail|postmaster"

And post the output please.

Code:
# ps -ef| grep -iE "sendmail|postfix|exim|courier|james|lotus|qmail|xmail|postmaster"
root      4598     1  0 16:28 ?        00:00:00 sendmail: accepting connections
smmsp     4615     1  0 16:28 ?        00:00:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue

What about FTP service?
# 6  
Old 09-08-2010
Yes, it seems telnet is not active and the config for xinetd is not installed.
To make sure you can show the contents of /etc/xinetd.d. If there is a file called telnet and one called ftp, you can check inside them - there should be a parameter called "disable" which might be already set to "= yes".

For ftp I already mentioned to do the same as with telnet - you might have overlooked it:
Quote:
Also do following to make sure:
Type in from the same box or another PC, server, whatever (even Windows) at some command line:

Code:

telnet <ip-address or hostname of host to be hardened>
ftp <ip-address or hostname of host to be hardened>

Your MTA is sendmail - check if there is entries in /etc/rc.d/rc.<n> where <n> is the appropriate run level.
There are links pointing to the start/stop script for sendmail most probably. Those containing a S are for start and those with a K are for stopping/killing it. Just remove the links for sendmail so it will neither be started or stopped.
Some distributions of Linux have a tool called a graphical "run level editor" (SuSE) to change those entries (enable/disable etc.) or something like chkconfig for command line. Debian has update-rc.d for example - no clue what your distribution uses. But manually removing the links as described above should work.
# 7  
Old 09-08-2010
During this learning phase i came across a strange problem.

I was just checking the configuration file of /etc/xinetd.d/krb5-telnet and i thought of enabling the telnet.
I modified the configuration file accordingly and restarted the server.
Code:
# cat /etc/xinetd.d/krb5-telnet
# default: off
# description: The kerberized telnet server accepts normal telnet sessions, \
# but can also use Kerberos 5 authentication.
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/kerberos/sbin/telnetd
log_on_failure += USERID
disable = no
}

Now i can able to telnet to the server from any other machine But the problem is it is not allowing me to login with correct root credentials.

What could be the issue here?

I m able to login with ssh protocol.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

NIS/smtp services issue on Solaris 11

Hi, Few services not starting on new build Solaris 11 non-global zone. I uninstalled zone and reinstalled and still same issue, while global zone is working fine. smpt service is going into maintenance mode and /var/svc/log/network-smtp:sendmail.log shows that it tries and then dead ... (0 Replies)
Discussion started by: solaris_1977
0 Replies

2. AIX

UNIX script with smtp and telnet

hi, i have a problem , I'm creating a script that send a mail with telnet . via command line it's ok,but i create the .sh i have problem . this a .sh telnet open mysmtp 25 HELO sleep 15 MAIL FROM:<Email> sleep 15 RCPT TO:<email> sleep 15 DATA SUBJECT : PROVA (3 Replies)
Discussion started by: cescofran76
3 Replies

3. SCO

FTP Services

HI Guys i have a problem with my ftp site, on sco open server, when my users trying pulling reports, it gives them permission denied, it was working then suddenly stopped out of no where, i would to know how can i stop and start the ftp service to see if it will refresh before i can restart the... (1 Reply)
Discussion started by: that-guy
1 Replies

4. Shell Programming and Scripting

Automating mailing via telnet to smtp

Hi, I am trying to write a ksh script to send an attachment via telnet to an SMTP server. I'm using MKS Toolkit. mail, mailx, sendmail, nc are not working on the server where I have MKS Toolkit installed. If I type the following from the command prompt I receive an email: telnet x.com... (0 Replies)
Discussion started by: dukeEarth
0 Replies

5. Shell Programming and Scripting

telnet smtp script

Hi, I have a mysql backup script located in crontab. I need to inform system administrator if the backup fail by telnet to smtp to send failure notification. ANyone got clue on how to achieve that? cheers. (4 Replies)
Discussion started by: bulkbiz
4 Replies

6. UNIX for Dummies Questions & Answers

telnet smtp and email in batch

I can do the following steps on my UNIX box interactively, but cannot send an email with a script. Can someone help? I need to send an email or some other notification when a cron job fails. telnet xx.yy.zz.ww 25 helo mail from: 123@123.com rcpt to: my@email.net data subject: email test... (1 Reply)
Discussion started by: ejaggers
1 Replies

7. Shell Programming and Scripting

Automating telnet and ftp

Hi, I want to automate FTP. I have a fair idea that this can be done using expect scripting. But I dont how to do it. Please, can anyone give me an example of how to do it in Unix. Thanks in advance (2 Replies)
Discussion started by: sendhilmani123
2 Replies

8. Linux

ftp telnet enable

hi , i have jsut installed linux 9.0 , but i can not ftp or telnet to the system . i have installed the ftp and the telnet server during installation . i have also configured the files to enable the ftp and telnet , the ftp and the telnet daemons are running , but when i do ftp : ftp... (1 Reply)
Discussion started by: ppass
1 Replies

9. Cybersecurity

One accout for FTP other to TELNET

Hi All, If I want to have two user accounts from the same grop in UNIX Solaries. However, I want one of them to be used only for FTP while the other for TELNET. Can anybody tell me how to do that? Best Regards (13 Replies)
Discussion started by: omran
13 Replies

10. IP Networking

FTP or Telnet

Dumb question I'm sure but how on earth do I transfer files from a sco unix machine to my windows 2000 machine. I'm typing commands on my Win2000 machine. All I can seem to do is move files around on the unix system? (8 Replies)
Discussion started by: Timbash
8 Replies
Login or Register to Ask a Question