Re: telnet outside
From: Kasper Dupont (email@example.com)
From: Kasper Dupont <firstname.lastname@example.org> Date: Tue, 22 Apr 2003 14:47:29 +0200
Nils Petter Vaskinn wrote:
> On Sun, 13 Apr 2003 13:12:41 +0200, sinapsi wrote:
> > I think my question was bad formulated. The situations is this: I have
> > some users that connect to my server through ssh. They use telnet from
> > the shell( inside my server) to connect to their eggdrops (installed on
> > my server). I would like that they can use telnet from localhost to
> > connect to localhost , but ever avoid that they could telnet to the
> > outside.
> Do you trust your users and only try to prevent them from mistakenly
> telnetting outide? Or will they see this as a limitation and try to work
> around it?
> If you only want to prevent a mistake then remove telnet from them and
> replace it with one modified to only telnet localhost.
I don't want the ability to telnet out of my own system, but I still
want to be able to use telnet with other protocols such as SMTP and
NNTP. I just use a single iptables rule to reply with a TCP-RST packet
on any attempt to telnet outside. It is safe and doesn't break anything.
-- Kasper Dupont -- der bruger for meget tid på usenet. For sending spam use mailto:email@example.com for(_=52;_;(_%5)||(_/=5),(_%5)&&(_-=2))putchar(_);