Solved

TELNET and XP Pro

Posted on 2004-05-03
12
1,311 Views
Last Modified: 2012-06-27
Is there anyway to block telnet(port23) using security policies in windows xp.  I know that I am able to filter it at the router using an access list but the network admin for our school does not want to mess with the router.  I want to be able to stop the machines in a room from initiating a telnet session, is this possible in XP Pro without the use of a router, zonealarm...ect??  
0
Comment
Question by:akline34
  • 2
  • 2
  • 2
  • +3
12 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 10977347
Remove telnet.exe from the clients, either manually or by login script :) its in c:\windows\system32

Pete
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10977364
Think you'll have to block it with a firewall like Zone Alarm...
I'm fairly certain system restore will replace telnet.exe if it 'disappears'...
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 10977377
How about using ICF instead of zonealarm ?
0
 

Author Comment

by:akline34
ID: 10977406
I dont wont to completely remove the application I would just like to be able to disable telnet at login, or only allow it through the use of a password?  Is this possible??
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 10977437
This is an outbound TCP port you want to stop enabling ICF will not help (unless we are in active/passive territory here) what are you ultimately trying to stop them doing? ther emust be some ussue you are trying to stamp on? I think we are approaching this from the wrong Angle, do you want them to stop opening telnet to another server?
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 44

Accepted Solution

by:
CrazyOne earned 63 total points
ID: 10977459
HOW TO: Restrict Users from Running Specific Windows Programs in Windows 2000/XP:
http://support.microsoft.com/?kbid=323525 

http://www.winguides.com/registry/display.php/969/

Restrict Users from Running Specific Applications (Windows 2000/Me/XP) Popular

This tweak can be easily applied using WinGuides Tweak Manager. Download Now!
This setting allows you to specify applications and filenames that users are restricted from running.

Open your registry and find the key [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer]

Create a new DWORD value and name it "DisallowRun" set the value to "1" to enable application restrictions or "0" to allow all applications to run.

Then create a new sub-key called [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer\DisallowRun] and define the applications the are to be restricted. Creating a new string value for each application, named as consecutive numbers, and setting the value to the filename to be restriced (e.g. "regedit.exe").

Restart Windows for the changes to take effect.

Registry Settings
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
Value Name: DisallowRun
0
 

Author Comment

by:akline34
ID: 10977555
OK- the students in my class are constantly opening a telnet on-line game (SimpleMU) I think is what it is called.  I would like to limit there use of the telnet application if that is possible without completely filtering it from use.  I am familiar wih group/local policies, but I am unaware if what I would like to accomplish is possible.  Ulimately if it gets to bad I will just block the games server IP at the firewall.
0
 
LVL 21

Expert Comment

by:gemarti
ID: 10977557
Why don't you just disable the service.

START | RUN | SERVICES.MSC
Locate the Telnet Service
Disable and Stop it.

If you ever need to use it on a machine you just remotely connect to the machine, start the service and then run it.

The suggestion from CO will disable it for all users, including you.
0
 
LVL 21

Assisted Solution

by:gemarti
gemarti earned 62 total points
ID: 10977565
The other thing to try is to right click on telnet.exe
Select security tab
Remove all groups that the students are members of. This will prevent the application from running when a unauthorized user trys to start the application.
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 10977625
Glenn what I posted can be done on user basis. Persuming akline34 is using a seperate account then don't block that account from using it.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Upgrade or retire 8 96
outlook PST max size limit 3 109
How Do I Set Up XP Mode in Windows 7? 8 72
What is this Task? 4 80
Disclosure: Use this tutorial only when no other options helps to get Windows XP running without any problems and you don't want to format the drive. The back up of the data is the responsible of the user, however there is a description of how t…
Are you unable to synchronize your OST (Offline Storage Table) file with Microsoft Exchange Server? Is your OST file exceeding 2 GB size limit? In Microsoft Outlook 2002 and earlier versions, there is a 2 GB size limit for the OST file. If the file …
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now