


									Linux Services

                 Muhammad Amer
               xinetd Programs
   In computer networking, xinetd, the eXtended
    InterNET Daemon, is an open-source super-server
    daemon which runs on many Unix-like systems
    and manages Internet-based connectivity.

   The xinetd RPM is installed by default in
    Fedora/Redhat Linux and uses /etc/xinetd.conf as
    its main configuration file.

   In Unix and other computer multitasking
    operating systems, a daemon ( or ) is a
    computer program that runs in the background,
    rather than under the direct control of a user;
    they are usually initiated as background
    processes. ...

Controlling xinetd
   The starting and stopping of the xinetd daemon is
    controlled by scripts in the /etc/init.d
    directory, and its behavior at boot time is
    controlled by chkconfig.
   You can start/stop/restart xinetd after booting by
    using the following commands:
         [root@mysrv tmp]# service xinetd start
         [root@mysrv tmp]# service xinetd stop
         [root@mysrv tmp]# service xinetd restart

   To get xinetd configured to start at boot you can
    use the chkconfig command.
          [root@mysrv tmp]# chkconfig xinetd on

Controlling xinetd-Managed Applications
   Xinetd-managed applications all store
    their configuration files in the
    /etc/xinetd.d directory.
   Each configuration file has a disable
    statement that can be set to yes or no. This
    governs whether xinetd is allowed to start
    them or not.
   You don't have to edit these files to
    activate or deactivate the application. The
    chkconfig command does that
    automatically and also stops or starts the
    application accordingly.
Telnet Server and Client

   Telnet is a program that allows users to log into a
    server and get a command prompt just as if they
    were logged into the VGA console.
   The Telnet server RPM is installed and disabled by
    default on Fedora Linux.
   One of the disadvantages of Telnet is that the
    data is sent as clear text.
   A more secure method for remote logins would be
    via Secure Shell (SSH) which uses varying
    degrees of encryption.
   The older Telnet application remains popular.
    Many network devices don't have SSH clients,
    making telnet the only means of accessing other
    devices and servers from them.

Installing The Telnet Server Software
   Older versions of RedHat had the Telnet
    server installed by default. Fedora Linux
    does not; you will have to install it yourself.
   Most Linux software products are
    available in a precompiled package
    format. Downloading and installing
   When searching for the file, the Telnet
    server RPM's filename usually starts with
    the word "telnet-server" followed by a
    version number as in telnet-server-
Setting Up A Telnet Server

   To set up a Telnet server use the
    chkconfig command to activate Telnet.
       [root@mysrv tmp]# chkconfig telnet on

   Use the chkconfig command to deactivate
    telnet, even after the next reboot.
       [root@mysrv tmp]# chkconfig telnet off

Let Telnet Listen On Another TCP Port

   Letting telnet run on an alternate TCP
    port does not encrypt the traffic, but it
    makes it less likely to be detected as
    telnet traffic.
   Remember that this is not a foolproof
    strategy; good port scanning programs
    can detect telnet and other applications
    running on alternative ports.


1.   Edit /etc/services file and add an entry
     for a new service. Call it stelnet.
     # Local services
     stelnet      7777/tcp                    # "secure" telnet

2.   Copy the telnet configuration file called
     /etc/xinetd.d/telnet and call it
     /etc/xinetd.d/stelnet:
[root@mysrv tmp]# cp /etc/xinetd.d/telnet /etc/xinetd.d/stelnet

3.   Edit the new /etc/xinetd.d/stelnet file. Make the new service
     stelnet and add a port statement for TCP port 7777.
           # default: on
           # description: The telnet server serves telnet sessions; it uses
           #       unencrypted username/password pairs for authentication.
           service stelnet
           {
                flags       = REUSE
                socket_type = stream
                wait        = no
                user        = root
                server      = /usr/sbin/in.telnetd
                log_on_failure += USERID
                disable     = no
                # must match the stelnet entry in /etc/services
                port        = 7777
           }

4.   Use chkconfig to activate stelnet.
                 [root@mysrv tmp]# chkconfig stelnet on
Let Telnet Allow Connections From
Trusted Addresses
   Root can restrict telnet login access to individual
    remote servers by using the only_from keyword
    in the telnet configuration file.
   Add a list of trusted servers, separated by spaces,
    to the /etc/xinetd.d/telnet file:
         service telnet
         {
              flags       = REUSE
              socket_type = stream
              wait        = no
              user        = root
              server      = /usr/sbin/in.telnetd
              log_on_failure += USERID
              disable     = no
              only_from       =
         }

   Restart telnet by running:
                 # chkconfig telnet off
                 # chkconfig telnet on
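
An added example (not part of the original slides): a shell audit of /etc/xinetd.d-style files that reports, per service, the disable state, the port, the only_from list, and whether the server is in.telnetd whatever the service name or port, as with stelnet on 7777. The sample files, the telnet-lan and telnet-none service names and the 192.0.2.x addresses are constructed; note that an only_from line with no value makes xinetd deny every remote host.

```shell
#!/bin/sh
# audit_xinetd DIR: print one line per service block in DIR's files:
#   <service> <enabled|disabled> port=<n|default> only_from=<list|ANY|NONE> [notes]
# Simplified parser: attributes written as "name = value", one per line;
# the "defaults" section and include directives are not handled.
audit_xinetd() {
    cat "$1"/* | awk '
    function report(   notes) {
        notes = ""
        # The server binary, not the service name or port, identifies telnet.
        if (server ~ /in\.telnetd$/) notes = notes " CLEARTEXT-TELNET"
        if (state == "enabled" && from == "ANY") notes = notes " UNRESTRICTED"
        print name, state, "port=" port, "only_from=" from notes
    }
    /^[ \t]*#/ { next }
    $1 == "service" { name = $2; state = "enabled"; port = "default"
                      from = "ANY"; server = ""; next }
    $1 == "}" { report(); next }
    $2 == "=" {
        val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
        if ($1 == "disable" && val == "yes") state = "disabled"
        if ($1 == "port") port = val
        if ($1 == "server") server = val
        # An only_from line with no value denies every remote host.
        if ($1 == "only_from") { gsub(/[ \t]+/, ",", val); from = (val == "" ? "NONE" : val) }
    }'
}

# Constructed sample files; addresses come from the 192.0.2.0/24 documentation range.
make_sample() {
    printf '%s\n' 'service telnet' '{' ' server = /usr/sbin/in.telnetd' \
        ' disable = yes' '}' > "$1/telnet"
    printf '%s\n' 'service stelnet' '{' ' server = /usr/sbin/in.telnetd' \
        ' disable = no' ' port = 7777' '}' > "$1/stelnet"
    printf '%s\n' 'service telnet-lan' '{' ' server = /usr/sbin/in.telnetd' \
        ' disable = no' ' only_from = 192.0.2.10 192.0.2.11' '}' > "$1/telnet-lan"
    printf '%s\n' 'service telnet-none' '{' ' server = /usr/sbin/in.telnetd' \
        ' disable = no' ' only_from =' '}' > "$1/telnet-none"
}

d=$(mktemp -d) || exit 1
make_sample "$d"; audit_xinetd "$d"; rm -rf "$d"
```

On a real host, point audit_xinetd at /etc/xinetd.d and review every line marked UNRESTRICTED.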
Debian / Ubuntu

   In Debian / Ubuntu, the Telnet server
    runs using the inetd, not the xinetd
    daemon, and uses a single /etc/inetd.conf
    configuration to manage the activation of
    the daemons it controls.
   To stop Telnet you need only to edit the
    configuration file, comment out the Telnet
    server line, and restart inetd as seen in
    this example:

    root@mysrv:~# vi /etc/inetd.conf
    ...
    ...
    ...
    #
    # File: /etc/inetd.conf
    #
    #telnet stream tcp nowait telnetd.telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd
    ...
    ...
    ...
    root@mysrv:~# /etc/init.d/inetd restart
     * Restarting internet superserver...
    ...done.
    root@mysrv:~# netstat -a | grep telnet

   The xinetd package provides much more flexibility
    than its inetd equivalent.
   xinetd allows you to restrict connections to
    specific source IP addresses and allows you to
    specify the TCP port and server IP address on
    which to listen. You may want to convert your
    system to use the xinetd package for Telnet by
    installing xinetd and creating your own custom
    /etc/xinetd.d/telnet configuration file. The rest of
    the examples in this chapter assume that the
    more versatile xinetd is being used.

   You can test whether the Telnet process
    is running with the following command,
    which is used to check the TCP/UDP ports
    on which your server is listening. If it isn't
    running then there will be no response.
    [root@mysrv tmp]# netstat -a | grep telnet
    tcp 0 0 *:telnet *:* LISTEN
    [root@mysrv tmp]#

