Solved

Opening ports

Posted on 2001-06-13
5
193 Views
Last Modified: 2013-11-15
I am a newbie, just installed redhat 7.1, with the high security level.

Of course, now, I can't seem to telnet to it (although I can locally on 127.0.0.1) or web browse it (I'm sure I installed the http server, how do I check?!)

Is there a config file somewhere, or something I need to change to open up ports?
0
Comment
Question by:jezzar
  • 2
  • 2
5 Comments
 
LVL 17

Expert Comment

by:psimation
ID: 6185285
7.1 uses xinetd.
Very easy way to get telnet up ( if installed)
Type setup at the prompt, go to system services, make a tick infront of telnet (and one infront of httpd)
If you can't see telnet or httpd in the list, they are not installed.

Now, even if telnet is there and ticked, you must still make sure that it is enabled.
Go to /etc/xinetd.d edit the telnet file in that folder and make sure it reads disable, = no
Yet, If you place this machine on the net or large network, telnet is a bad idea, rather use SSH instead...

0
 
LVL 5

Accepted Solution

by:
vsamtani earned 50 total points
ID: 6185329
You need to look at some files in the /etc directory.

/etc/hosts.deny lists names and ip addresses of hosts that are not allowed access to the machine. If it's empty, then everything is allowed access. You should have a line here that says

ALL:ALL

which means "deny access to all services from all ip addresses" (unless allowed in /etc/hosts.allow)

/etc/hosts.allow lists names and ip addresses of machines that are allowed to access services. So you could have a line in there like this:

in.telnetd: <your telnet client ip address>

which would allow access to the telnet service from the specified address. Everything else would remain banned thanks to the /etc/hosts.deny file.

You also need to examine the files in /etc/xinetd. Xinetd controls access to a number of daemons, such as telnet and ftp and pop3. Each file in this directory controls a particular service. Have a look at the telnet file, and you'll see that it has a line

disable = <either yes or no>

Obviously, if it's disable=yes, then there will be no telnet access. It probably is on disable=no, since you can telnet to localhost successfully.

You should read the manual pages for hosts.allow and hosts.deny (type man hosts.allow). Also be aware that by default, root can never telnet in to a redhat machine. Read the man pages for login and securetty to find out why. If you want to be able to login as root from a remote host over an insecure network such as the internet, you should set up ssh (secure shell).

Vijay




0
 

Author Comment

by:jezzar
ID: 6185332
I have now enabled it in the setup, allowed it through the firewall settings, and checked the disabled=no but it still won't accept connections?! Is there a start command or anything?
0
 

Author Comment

by:jezzar
ID: 6185397
Thanks - did all the above, but nothing took effect until I rebooted! (Hey, is this windows or what?!) ;o)
0
 
LVL 5

Expert Comment

by:vsamtani
ID: 6185470
Rebooting probably wasn't necessary - what rebooting would have done is restarted the xinetd service. In Redhat, you can usually restart a service by typing:

/etc/rc.d/init.d/<name of service> restart

so in this case

/etc/rc.d/init.d/xinetd restart

Should have explained that - sorry :(

Vijay
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of useful business intelligence software.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This video demonstrates basic masking and how to edit the mask to reveal the desired image.
An overview on how to enroll an hourly employee into the employee database and how to give them access into the clock in terminal.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question