Solved

Opening ports

Posted on 2001-06-13
5
191 Views
Last Modified: 2013-11-15
I am a newbie, just installed redhat 7.1, with the high security level.

Of course, now, I can't seem to telnet to it (although I can locally on 127.0.0.1) or web browse it (I'm sure I installed the http server, how do I check?!)

Is there a config file somewhere, or something I need to change to open up ports?
0
Comment
Question by:jezzar
  • 2
  • 2
5 Comments
 
LVL 17

Expert Comment

by:psimation
ID: 6185285
7.1 uses xinetd.
Very easy way to get telnet up ( if installed)
Type setup at the prompt, go to system services, make a tick infront of telnet (and one infront of httpd)
If you can't see telnet or httpd in the list, they are not installed.

Now, even if telnet is there and ticked, you must still make sure that it is enabled.
Go to /etc/xinetd.d edit the telnet file in that folder and make sure it reads disable, = no
Yet, If you place this machine on the net or large network, telnet is a bad idea, rather use SSH instead...

0
 
LVL 5

Accepted Solution

by:
vsamtani earned 50 total points
ID: 6185329
You need to look at some files in the /etc directory.

/etc/hosts.deny lists names and ip addresses of hosts that are not allowed access to the machine. If it's empty, then everything is allowed access. You should have a line here that says

ALL:ALL

which means "deny access to all services from all ip addresses" (unless allowed in /etc/hosts.allow)

/etc/hosts.allow lists names and ip addresses of machines that are allowed to access services. So you could have a line in there like this:

in.telnetd: <your telnet client ip address>

which would allow access to the telnet service from the specified address. Everything else would remain banned thanks to the /etc/hosts.deny file.

You also need to examine the files in /etc/xinetd. Xinetd controls access to a number of daemons, such as telnet and ftp and pop3. Each file in this directory controls a particular service. Have a look at the telnet file, and you'll see that it has a line

disable = <either yes or no>

Obviously, if it's disable=yes, then there will be no telnet access. It probably is on disable=no, since you can telnet to localhost successfully.

You should read the manual pages for hosts.allow and hosts.deny (type man hosts.allow). Also be aware that by default, root can never telnet in to a redhat machine. Read the man pages for login and securetty to find out why. If you want to be able to login as root from a remote host over an insecure network such as the internet, you should set up ssh (secure shell).

Vijay




0
 

Author Comment

by:jezzar
ID: 6185332
I have now enabled it in the setup, allowed it through the firewall settings, and checked the disabled=no but it still won't accept connections?! Is there a start command or anything?
0
 

Author Comment

by:jezzar
ID: 6185397
Thanks - did all the above, but nothing took effect until I rebooted! (Hey, is this windows or what?!) ;o)
0
 
LVL 5

Expert Comment

by:vsamtani
ID: 6185470
Rebooting probably wasn't necessary - what rebooting would have done is restarted the xinetd service. In Redhat, you can usually restart a service by typing:

/etc/rc.d/init.d/<name of service> restart

so in this case

/etc/rc.d/init.d/xinetd restart

Should have explained that - sorry :(

Vijay
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Today companies are subjected to more-and-more data, and it won't stop any time soon.  But there are obvious opportunities for reducing data, particularly data duplicated among companies.
Storage devices are generally used to save the data or sometime transfer the data from one computer system to another system. However, sometimes user accidentally erased their important data from the Storage devices. Users have to know how data reco…
The viewer will learn common shortcuts with easy ways to remember them. The viewer will then learn where to find all of the keyboard shortcuts, how to create/change them, and how to speed up their workflow.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now