Re: telnet outside
From: Kasper Dupont (kasperd@daimi.au.dk)
Date: 04/22/03
- Next message: Chris Lowth: "Re: deleting files with linux"
- Previous message: Kasper Dupont: "Re: Recent ptrace exploit effected by chroot?"
- In reply to: Nils Petter Vaskinn: "Re: telnet outside"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Kasper Dupont <kasperd@daimi.au.dk> Date: Tue, 22 Apr 2003 14:47:29 +0200
Nils Petter Vaskinn wrote:
>
> On Sun, 13 Apr 2003 13:12:41 +0200, sinapsi wrote:
>
> > I think my question was bad formulated. The situations is this: I have
> > some users that connect to my server through ssh. They use telnet from
> > the shell( inside my server) to connect to their eggdrops (installed on
> > my server). I would like that they can use telnet from localhost to
> > connect to localhost , but ever avoid that they could telnet to the
> > outside.
>
> Do you trust your users and only try to prevent them from mistakenly
> telnetting outide? Or will they see this as a limitation and try to work
> around it?
>
> If you only want to prevent a mistake then remove telnet from them and
> replace it with one modified to only telnet localhost.
I don't want the ability to telnet out of my own system, but I still
want to be able to use telnet with other protocols such as SMTP and
NNTP. I just use a single iptables rule to reply with a TCP-RST packet
on any attempt to telnet outside. It is safe and doesn't break anything.
-- Kasper Dupont -- der bruger for meget tid på usenet. For sending spam use mailto:aaarep@daimi.au.dk for(_=52;_;(_%5)||(_/=5),(_%5)&&(_-=2))putchar(_);
- Next message: Chris Lowth: "Re: deleting files with linux"
- Previous message: Kasper Dupont: "Re: Recent ptrace exploit effected by chroot?"
- In reply to: Nils Petter Vaskinn: "Re: telnet outside"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
