Simpler Navigation for Servers and Operating Systems
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
General
cancel
Showing results for 
Search instead for 
Did you mean: 

How do i change the telnet response to not reveal op system.

SOLVED
Go to solution
Jonathan Corbeill
Occasional Advisor

How do i change the telnet response to not reveal op system.

I have a system that is accessible from the internet. I was told that I should conceal its operating system so hackers could not use the os weaknesses to hack into the system. Currently when the system responds to a telnet response it gives the os and other infomation. How can I change the information provided to the user when responding to a telnet request?
4 REPLIES
Vincenzo Restuccia
Honored Contributor

Re: How do i change the telnet response to not reveal op system.

Edit /var/adm/inetd.sec
telnet allow 10.10.19.1 10.10.19.19 10.10.19.80 10.10.19.101
after
#inetd -c
only this ip can access your host.
Patrick Wallek
Honored Contributor

Re: How do i change the telnet response to not reveal op system.

Do you have to have telnet capability into the box from the Internet? If not I would just disable telnet altogether. You could do this a couple of ways. 1) Comment the telnet services out of /etc/inetd.conf and /etc/services or 2) Look at the file /var/adm/inetd.sec This file allows you allow or disallow services based on IP address. If you have to have telnet enabled, put an entry in /var/adm/inetd.sec so that only the IP addresses that have to get in are allowed. Here is a sample inetd.sec entry:

telnet allow 172.30.*

After you modify the inetd.sec file you should do an 'inetd -c' so that the inet daemon will reread all its configuration files.

A. Clay Stephenson
Acclaimed Contributor
Solution

Re: How do i change the telnet response to not reveal op system.

Ho Jonathan,

vi /etc/inetd.conf and locate the telnet entry.
At the end of the line add -b /dev/null.
-b specifies the banner file. Finally do an inetd -c to force a reread of /etc/inetd.conf and you're done.

Regards, Clay
If it ain't broke, I can fix that.
Joseph T. Wyckoff
Honored Contributor

Re: How do i change the telnet response to not reveal op system.

Are you concerned that telnet tells the hackers that your box is UX?

Using a port scanner they can figure this out without telnet - so 'fixing' telnet not to tell them you have UX 11 (or whatever) is largely wasted energy - unless you are doing a fairly comprehensive review of your security, and fixing other holes...

Omniback and NT problems? double check name resolution, DNS/HOSTS...