
RE : Securing Telnet/Ftp commands in Linux

 
Gopinath B
Occasional Contributor

RE : Securing Telnet/Ftp commands in Linux

Hi all,

Thanks a lot to all who responded to my previous doubt. Especially to Marco Paganini.

Marco,
Still I could not proceed with invoking the iptables commands you gave me. When I invoke these commands the following error appears. See attached.

I'm using Red Hat Linux 7.1 rel with 2.4 kernel. I'm sure that the iptables package is installed in my system. Please let me know how to proceed and also let me know the dport and sport values for the given problem which you have mentioned in your reply.

Once again thanks and waiting for reply ...

Gopinath
3 REPLIES 3
Marco Paganini
Respected Contributor
Solution

Re: RE : Securing Telnet/Ftp commands in Linux

Hello!

Glad it helped you!

It seems that somehow RH71 cannot find the ip_tables modules in your system. The first thing to do is to check if you have iptables installed. Do a:

cd /lib/modules
find . -name 'ip*'

You'll find a few things. Pay particular attention to:

iptables
and
ipchains

If any.

You may have ipchains loaded. Ipchains was used in the past but is kept with RH71 for compatibility issues. You can verify what modules are loaded with:

lsmod

Check if ipchains is loaded. If it is, iptables won't load! If that's the case, you have to remove ipchains first with:

ipchains -F input
ipchains -F output
rmmod ipchains

This will remove the module from memory. Now, try the iptables command again. If it works, you'll have to remove the ipchains package so it doesn't create you any more trouble:

rpm -e ipchains

(This command will 'complain' that some other packages require ipchains. I don't remember off the top of my head which packages those are. Proceed to remove those packages with "rpm -e packagename" and then remove ipchains. I think you will have to remove the "firewall" and "lokkit" packages before ipchains, but the above command will tell you for sure).

Let me know if it works and if you have the iptables module under /lib/modules.

Regards,
Paga
Keeping alive, until I die.
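
The checks described in the reply above, collected into one diagnostic as an added example (not part of the original post). The function names, state words and the sample lsmod text are constructed for illustration; only the module names ipchains and ip_tables come from the thread.

```shell
#!/bin/sh
# Added example: report which state of the ipchains/ip_tables conflict a host is in.

# True if module NAME ($2) is the first field of a line of lsmod-style text in FILE ($1).
module_loaded() {
    awk -v m="$2" '$1 == m { found = 1 } END { exit !found }' "$1" 2>/dev/null
}

# True if a file NAME.* (ip_tables.o, ip_tables.ko, ...) exists under module tree DIR ($1).
module_on_disk() {
    [ -n "$(find "$1" -type f -name "$2.*" 2>/dev/null | head -n 1)" ]
}

# netfilter_state LSMOD_FILE MODULE_DIR -> prints one state word.
netfilter_state() {
    if module_loaded "$1" ipchains; then
        echo ipchains-blocking     # ipchains must be flushed and unloaded first
    elif module_loaded "$1" ip_tables; then
        echo iptables-loaded
    elif module_on_disk "$2" ip_tables; then
        echo iptables-available    # module file present, not loaded yet
    else
        echo iptables-missing      # nothing to load under the module tree
    fi
}

# Constructed sample: a host with ipchains loaded and ip_tables only on disk.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/mods/2.4.x/kernel/net/ipv4/netfilter"
    : > "$tmp/mods/2.4.x/kernel/net/ipv4/netfilter/ip_tables.o"
    printf '%s\n' 'Module                  Size  Used by' \
                  'ipchains               38976   0  (unused)' \
                  '3c59x                  25344   1  (autoclean)' > "$tmp/lsmod.txt"
    netfilter_state "$tmp/lsmod.txt" "$tmp/mods"
    rm -rf "$tmp"
}

# On a live system: netfilter_state /proc/modules /lib/modules
demo   # prints: ipchains-blocking
```

The "ipchains-blocking" state is the one where the flush and rmmod steps from the reply apply.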
Marco Paganini
Respected Contributor

Re: RE : Securing Telnet/Ftp commands in Linux

Hello again,

One more thing: If you don't want your users going outside your box, don't forget to block ssh as well (--dport 22). Also, if you want a really secure environment, the only way would be to block everything out and have a proxy setup for http.

PS: If you think the answers were helpful, don't forget to assign points to them! (both in this and in the previous question). :)

Cheers,
Paga
Keeping alive, until I die.
Gopinath B
Occasional Contributor

Re: RE : Securing Telnet/Ftp commands in Linux

Hi Paga,

Ton of thanks to you. It worked as I wanted and I could disable all the ports (0-65535) for normal users.

Thanks everyone

Gopinath