HPE Community
Operating System - HP-UX
1752795 Members
6249 Online
108789 Solutions
New Discussion юеВ

Drop telnet to port 25

 
Tzvika Faibish_1
Occasional Contributor

тАО04-01-2004 02:56 AM

тАО04-01-2004 02:56 AM

Drop telnet to port 25

Hi Guys,
Can I drop telnet to port 25? how can I do it?

Thanks,
Tzvika
0 Kudos
Reply
6 REPLIES 6
Jeff Schussele
Honored Contributor

тАО04-01-2004 03:00 AM

тАО04-01-2004 03:00 AM

Re: Drop telnet to port 25

Hi Tzvika,

I think so, BUT you'd have to disable sendmail & remove it's entry from /etc/services & then edit /etc/services to make telnet 25/tcp now.

AND whenever someone telnets they'd have to
telnet hostname 25

Doable, but not practical IMO.

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Laurent Menase
Honored Contributor

тАО04-01-2004 09:50 AM

тАО04-01-2004 09:50 AM

Re: Drop telnet to port 25

Hi
if you want to telnet to port 25:
telnet destination-ip 25

if it is the server telnetd on port 25
you can define a port in /etc/services
mytelnet 25/tcp
then in /etc/inetd.conf

copy the telnet line and replace the leading telnet by mytelnet.
mytelnet stream tcp nowait root /usr/lbin/telnetd telnetd

then inetd -c
0 Kudos
Reply
Sundar_7
Honored Contributor

тАО04-01-2004 10:11 AM

тАО04-01-2004 10:11 AM

Re: Drop telnet to port 25

Hi Tzvika,

If you just would like the capability of being able to just send mails outside then recommended practice is to have sendmail run via cron at a defined interval than as a daemon. The sendmail run via cron will ensure that repeated attempts are made for unsuccessful mail deliveries.

This way you can make sure none can telnet to 25.

Or if you would like to restrict telnet access only to nodes from certain network then have inetd kicks off a sendmail and restrict the hosts via /var/adm/inetd.sec

Sundar.
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
Tzvika Faibish_1
Occasional Contributor

тАО04-03-2004 06:48 PM

тАО04-03-2004 06:48 PM

Re: Drop telnet to port 25

Guys,
What I want is to keep my sendmail on BUT drop the telnet to port 25. Any ideas?
Thanks,
Tzvika
0 Kudos
Reply
Jim Mallett
Honored Contributor

тАО04-03-2004 08:17 PM

тАО04-03-2004 08:17 PM

Re: Drop telnet to port 25

I may be wrong (it wouldn't be the first time), but I don't think it's possible to stop telnet on 25 and have sendmail function properly. I don't think there is a distinction between a telnet connection and a connection from another mail server.

If your concerns are becoming a spam relay, there are settings you can change to keep from mail being relayed from the outside world.

I personally don't use it, so can't vouch for it, but Postfix (www.postfix.org) is a 3rd party alternative.

Jim
Hindsight is 20/20
0 Kudos
Reply
Tim D Fulford
Honored Contributor

тАО04-03-2004 08:18 PM

тАО04-03-2004 08:18 PM

Re: Drop telnet to port 25

WHY? port 25 is smnp; port 21 telnet; why do you want fiddle with this well documented, programmed & generaly assumed convention? If you do, you will need to change the way EVERYTHING telnets & smnp's to that machine. I see no reason to do this other than it can be done. What is wrong with port 21?

That said, I'd use a high value port number which is not used (so you don't conflict with anything else) say "telnet 21021/tcp", This port is not registered so you are not likely to be playing "musical port numbers".

my 0.02├в ┬м worth, regards

-
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.