topic Re: RE : Securing Telnet/Ftp commands in Linux in Operating System - Linux

RE : Securing Telnet/Ftp commands in Linux

Gopinath B — Thu, 22 Nov 2001 13:18:06 GMT

Hi all,

Thanks a lot to all responded to my previous doubt.Especially to Marco Paganini .

Marco ,
Still i could not proceed with invoking the iptables commands you gave me. When i invoke these commands the following error appears. See attached .

I'm using Redhat Linux 7.1 rel with 2.4 kernel.I'm sure that the iptables package is installed in my system . Pls let me know the how to proceed and also let me know the dport and sport values for the given problem which you have mentioned in your reply.

Once again thanks and waiting for reply ...

Gopinath

Re: RE : Securing Telnet/Ftp commands in Linux

Marco Paganini — Thu, 22 Nov 2001 14:49:37 GMT

Hello!

Glad it helped you!

It seems that somehow RH71 cannot find the ip_tables modules in your system. The first thing to do is to check if you have iptables installed. Do a:

cd /lib/modules
find . -name 'ip*'

You'll find a few things. Pay particular attention to:

iptables
and
ipchains

If any.

You may have ipchains loaded. Ipchains was used in the past but is kept with RH71 for compatibility issues. ??ou can verify what modules are loaded with:

lsmod

Check if ipchains is loaded. If it is, iptables won't load! If that's the case, you have to remove ipchains first with:

ipchains -F input
ipchains -F output
rmmod ipchains

This will remove the module from memory. Now, try the iptables command again. If it works, you'll have to remove the ipchains package so it doesn't create you any more trouble:

rpm -e ipchains

(This command will 'complain' that some other packages require ipchains. I don't remember from the top of my head which packages are those. Proceed to remove those packagkes with "rpm -e packagename" and then remove ipchains. I think you will have to remove the "firewall" and "lokkit" packages before ipchains, but the above command will tell you for sure).

Let me know if it works and if you have the iptables module under /lib/modules.

Regards,
Paga

Re: RE : Securing Telnet/Ftp commands in Linux

Marco Paganini — Thu, 22 Nov 2001 15:19:05 GMT

Hello again,

One more thing: If you don't want your users going outside your box, don't forget to block ssh as well (--dport 22). Also, if you want a really secure environment, the only way would be to block everything out and have a proxy setup for http.

PS: If you think the answers were helpful, don't forget to assign points to them! (both
in this and in the previous question). :)

Cheers,
Paga

Re: RE : Securing Telnet/Ftp commands in Linux

Gopinath B — Sat, 24 Nov 2001 09:29:11 GMT

Hi Paga ,

Ton of thanks to you . It worked as i wanted and i could disable all the ports (0-65535) for normal users.

Thanks everyone

Gopinath