[olug] Unix Tip: LOCK DOWN TELNET OR FTP
Jeff Hinrichs
jeffh at delasco.com
Sat Feb 22 21:18:34 UTC 2003
> LOCK DOWN TELNET OR FTP
>
> When inbound access isn't required into
> a system deny users Telnet or FTP access
> do the following:
>
> vi /etc/inetd.conf
>
> Comment the line starts with Telnet or
> FTP. Save the file and exit.
>
> Stop and start the inetd daemon now by
> following commands:
<rant>
Bah humbug! - There are almost no good reasons to have telnet installed on
any server and only servers ear marked should have ftp daemons running.
The only safe way is to get the code off of your system completely. under
Redhat:
rpm -e telnetd wu-ftpd
For remoting then use ssh/scp. It's the 21st Century why do dists insist
on keeping ftp/telnet as a part of the default install? You should have
to go look for them, they should not be installed by default. And if/when
installed, they should be disabled automatically so that if you want to do
something high risk, it's as painful as possible.
</rant>
-jeff
More information about the OLUG
mailing list