Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

disabling rlogin , telnet and ftp

Status
Not open for further replies.

Guest_imported

New member
Jan 1, 1970
0
Dear friends,
Ur helpwill be highly appreciable.
I have U10 Sol 7 m/c.
For security reason i want to disable remote login , telnet and ftp.
To do this which file i need to modify.
This is urgent.
Thanks a lot in advance.
Risham
 
Hi,

As root:

First delete or change the permissions for the appropriate executables, telnet, ftp, rsh, etc.

(as a rule all the rxxx sommands should be disabled in a "secure" system, rsh, rlogin, rup, etc.)

Delete the entries from the /etc/inetd.conf file, they look like this:
ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd
shell stream tcp nowait root /usr/sbin/in.rshd in.rshd
login stream tcp nowait root /usr/sbin/in.rlogind in.rlogind
exec stream tcp nowait root /usr/sbin/in.rexecd in.rexecd
tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot

then stop and restart initd thus:

/etc/init.d/inetsvc stop
/etc/init.d/inetsvc start

You could issue a /etc/init.d/inetsvc restart but it doesn't always work.

If you can't kill it with the script kill it by hand thus:

ps -ef |grep inetd

This will return something like the following:

root 230 1 0 Jul 30 ? 0:15 /usr/sbin/inetd -s
root 23121 16722 0 13:45:48 pts/0 0:00 grep inetd

then you do this:

killl -9 230

where 230 reperesent the number that appears after "root" on the output that comes from the grep command above.

Then...

Make sure inetd is still running by issuing the above grep command once you've restarted the inetd service.

What this does:

First, changing the permissions stops people from running the commands to get OFF the machine. Second removing the services from inetd.conf stops the machine responding to people trying to get ON to the machine.

If you're trying to secure the machine you may also want to consider disabling sendmail, and making sure your version of bind is up to date as older version have a buffer overflow vulnerability that allows a hacker root access if they know what they are doing, if the machine doesn't need DNS or NIS then dissable that too, and bring the machine up "standalone"

Hope this helps

later
jb

(praxis22@hotmail.com)
 
Only a few things on this one, you really don’t need to stop inet services with:

/etc/init.d/inetsvc stop
/etc/init.d/inetsvc start

also it's better not delete the lines from "/etc/inetd.conf", just comment them with "#":

#ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
#telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd
....

and you don't need kill inetd ... just send HUP to inetd read the new configuration file (don't need to stop/start inetsvc)

#ps -ef |grep inetd
root 230 1 0 Jul 30 ? 0:15 /usr/sbin/inetd -s
root 23121 16722 0 13:45:48 pts/0 0:00 grep inetd

#killl -HUP 230

Regards,

Carlos Almeida,






 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top