Recipe 2.13 Prohibiting Outgoing Telnet Connections

Previous page
Table of content
Next page

2.13.1 Problem

You want to block outgoing Telnet connections.

2.13.2 Solution

To block all outgoing Telnet connections:

For iptables:

# iptables -A OUTPUT -p tcp --dport telnet -j REJECT

For ipchains:

# ipchains -A output -p tcp --dport telnet -j REJECT

To block all outgoing Telnet connections except to yourself from yourself:

For iptables:

# iptables -A OUTPUT -p tcp -o lo --dport telnet -j ACCEPT # iptables -A OUTPUT -p tcp --dport telnet -j REJECT

For ipchains:

# ipchains -A output -p tcp -i lo --dport telnet -j ACCEPT # ipchains -A output -p tcp --dport telnet -j REJECT

2.13.3 Discussion

Telnet is notoriously insecure in its most common form, which transmits your login name and password in plaintext over the network. This recipe is a sneaky way to encourage your users to find a more secure alternative, such as ssh. (Unless your users are running Telnet in a secure fashion with Kerberos authentication. [Recipe 4.15])

2.13.4 See Also

iptables(8), ipchains(8), telnet(1).

Previous page
Table of content
Next page
Linux Security Cookbook
Linux Security Cookbook
ISBN: 0596003919
EAN: 2147483647
Year: 2006
Pages: 247
Authors: Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
BUY ON AMAZON
Software Configuration Management
Managing Enterprise Systems with the Windows Script Host
Lotus Notes Developers Toolbox: Tips for Rapid and Successful Deployment
PMP Practice Questions Exam Cram 2
Sap Bw: a Step By Step Guide for Bw 2.0
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy