How to disable telnet ?

[StickyBit]

Folks

My current xinetd config for telnet reads the following:

{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = yes
}

after changing disable = no to disable = yes, I restarted the xinetd daemon. The system is still listening for telnet connection (telnet is not disabled) what am I doing wrong?

 

[w1nn3r]

You can verify that its telnet listening on the connection by running netstat -pantu as root, will show you exactly what is using that specific port. On redhat i know there is a telnet file in /etc/xinetd.d/ that you have to modify before it becomes disabled, is this the file you modified or is it a different flavor of linux. I hope this helps out.

 

[fluid11]

Is telnet running in standalone mode, rather than xinetd? If you can confirm that it is running with a 'netstat -nat' on port 23, then run a 'ps -ef | grep telnet' and see if its running there.

ChrisP

 

[StickyBit]

I'm trying to disable telnet, telnet is not running in standalone mode:

[root@linux root]# ps -ef | grep telnet
root 7932 7880 0 09:45 pts/0 00:00:00 grep telnet

Telnet is being started by xinetd, I have modified /etc/xinetd.d/telnet to read the following:

{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = yes
}

I then restarted xinetd but xinetd is still listening for new telnet connections:

[root@linux xinetd.d]# netstat -a | grep telnet
tcp 0 0 *:telnet *:* LISTEN

How do I successfully stop xinetd listening for telnet connections?

 

[fluid11]

To be 100% sure that xinetd is starting it, stop xinetd and do a "netstat -nat | grep 23" to make sure.

If it is xinetd, run this command to make sure that another file isn't starting it...

ls /etc/xinetd.d/* | xargs grep disable

See what other things are enabled and have a look at their files.


Chris

 

[StickyBit]

I have stoped xinetd and telnet is no longer listening, it is definatlly being start by xinetd and no other file in /etc/xinetd.d is starting telnet:

[root@linux /]# ls /etc/xinetd.d/* | xargs grep disable
/etc/xinetd.d/bpcd:disable = no
/etc/xinetd.d/bpjava-msvc:disable = no
/etc/xinetd.d/chargen: disable = yes
/etc/xinetd.d/chargen-udp: disable = yes
/etc/xinetd.d/daytime: disable = yes
/etc/xinetd.d/daytime-udp: disable = yes
/etc/xinetd.d/echo: disable = yes
/etc/xinetd.d/echo-udp: disable = yes
/etc/xinetd.d/finger: disable = yes
/etc/xinetd.d/netbackup: disable = no
/etc/xinetd.d/ntalk: disable = yes
/etc/xinetd.d/rexec: disable = yes
/etc/xinetd.d/rlogin: disable = yes
/etc/xinetd.d/rsh: disable = no
/etc/xinetd.d/rsync: disable = yes
/etc/xinetd.d/servers: disable = yes
/etc/xinetd.d/services: disable = yes
/etc/xinetd.d/talk: disable = yes
/etc/xinetd.d/telnet: disable = yes
/etc/xinetd.d/time: disable = yes
/etc/xinetd.d/time-udp: disable = yes
/etc/xinetd.d/vopied:disable = no

This all started when I tried to enable rsh and had no success which is also started by xinetd.

/etc/xinetd.d/rsh: disable = no

What am I doing wrong? I can't control the enable/disable functionality of any xinetd services

 

[fluid11]

I've never seen this before. Try removing the telnet file and then restart xinetd.


Chris

 

[StickyBit]

I think I'm doing somthing wrong here because I have the same problem on both my linux redhat servers. Can someone please outline the setps to enable rsh (for an example)

Thanks,

StickyBit.

 

[fluffybunny]

Do a chkconfig --list and compare the output with the grep you made earlier and see if there is a difference.
Do confirm that your xinetd.d is the directory which xinetd reads from (see in /etc/xinetd.conf with the field includedir).

For easy enabling and disabling of services without having to edit files, use /usr/sbin/setup. Goto system services and enable or disable your services from there.

Cheers.