
Re: telnet from remote hosts denied

 
Rainer von Bongartz
Honored Contributor

telnet from remote hosts denied

I have an 11.0 server running in domain dom1.com. The server name is mars.dom1.com.

Doing a telnet from a client in a remote domain (say dom2) results in the error:

Jan 21 08:01:36 mars telnetd[15193]: refused connect from merkur.dom2.com

I thought about the security file inetd.sec and inserted the following line:

telnet allow *.dom2.com

This only resulted in the problem that I can't telnet from
*.dom2.com but also not from *.dom1.com, without any error message in syslog.

How do I have to configure telnet connections from remote domains?

Regards
Rainer


He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...
Steven Sim Kok Leong
Honored Contributor

Re: telnet from remote hosts denied

Hi,

Verify that there is no line above your "telnet allow" line in /var/adm/inetd.sec that says:

telnet deny ...

Show us the output of:

# grep telnet /etc/inetd.conf
# grep telnet /var/adm/inetd.sec

Hope this helps. Regards.

Steven Sim Kok Leong
Rainer von Bongartz
Honored Contributor

Re: telnet from remote hosts denied

Steven:

grep telnet /etc/inetd.conf:

telnet stream tcp nowait root /etc/tcpd /usr/lbin/telnetd

grep telnet /var/adm/inetd.sec:

telnet allow *.deuba.com

Having this line in /var/adm/inetd.sec, no telnet is possible to this host and there are absolutely no messages in syslog.
Any ideas?

Regards
Rainer
He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...
Steven Sim Kok Leong
Honored Contributor

Re: telnet from remote hosts denied

Hi,

Add full logging (-l) to your telnet sessions in /etc/inetd.conf.

telnet stream tcp nowait root /etc/tcpd /usr/lbin/telnetd -l

Can you verify whether your DNS is resolving properly at your server for your telnet clients?

Hope this helps. Regards.

Steven Sim Kok Leong
Steven Sim Kok Leong
Honored Contributor

Re: telnet from remote hosts denied

Hi,

Btw, to avoid DNS as an issue, try using IP addresses and ranges instead of domain and host names in /var/adm/inetd.sec, e.g.:

telnet allow 1.2.3.*

OR

telnet allow 1.2.3-4.1-128

Hope this helps. Regards.

Steven Sim Kok Leong
Rainer von Bongartz
Honored Contributor

Re: telnet from remote hosts denied

Steven,

Ooops, missed that telnetd is wrapped by /etc/tcpd and that the corresponding permissions files are /etc/hosts.allow and /etc/hosts.deny instead of /var/adm/inetd.sec.

Adding the following in /etc/hosts.deny solved the problem:

telnetd: .de .com EXCEPT .dil.de .deuba.com

Thanks for your hints

Rainer
He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...
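
The thread turns on which access-control file applies to a service started from inetd.conf. As an added example (not part of the thread), this script reports whether a service's server program is the tcpd wrapper, in which case /etc/hosts.allow and /etc/hosts.deny are consulted under the wrapped daemon's name, and lists any inetd.sec entries for the same service. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: show which access-control layers are configured for an
# inetd service. Function names and sample data are constructed.

# usage: acl_layers SERVICE INETD_CONF INETD_SEC
acl_layers() {
    svc=$1; conf=$2; sec=$3
    # inetd.conf fields: service type proto wait user server-program argv0 [args]
    awk -v svc="$svc" '
        $1 == svc {
            n = split($6, p, "/")
            if (p[n] == "tcpd") {
                # tcpd matches hosts.allow/hosts.deny rules on the
                # basename of the program it is asked to start.
                m = split($7, d, "/")
                print "tcpd daemon=" d[m] " files=/etc/hosts.allow,/etc/hosts.deny"
            } else {
                print "direct server=" $6
            }
        }' "$conf"
    # inetd.sec fields: service allow|deny host-specifiers
    awk -v svc="$svc" '
        $1 == svc && ($2 == "allow" || $2 == "deny") {
            print "inetd.sec " $2 " " $3
        }' "$sec"
}

# Write constructed sample files modelled on the lines quoted in the thread.
write_samples() {
    cat > "$1/inetd.conf" <<'EOF'
telnet stream tcp nowait root /etc/tcpd /usr/lbin/telnetd
ftp    stream tcp nowait root /usr/lbin/ftpd ftpd -l
EOF
    cat > "$1/inetd.sec" <<'EOF'
telnet allow *.deuba.com
EOF
}

# Stand-alone run against the constructed samples.
tmp=$(mktemp -d)
write_samples "$tmp"
acl_layers telnet "$tmp/inetd.conf" "$tmp/inetd.sec"
rm -rf "$tmp"
```

On a live host, pass /etc/inetd.conf and /var/adm/inetd.sec as the second and third arguments; a "tcpd" line in the output means rules in hosts.allow and hosts.deny must name the daemon (here telnetd), not the inetd service name.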