Re: Securing telnet
On Tue, Jul 04, 2000 at 01:23:49PM -0700, kmself@ix.netcom.com wrote:
> On Tue, Jul 04, 2000 at 03:29:16PM +0100, Patrick Kirk wrote:
> > Hi all,
> >
> > I've just installed a Debian server for a chap who insists on using
> > telnet from Windows boxes within the LAN if he wants to login. I want
> > to restrict this so that telnet can be done from the 10.0.0.0 range but
> > ssh can be used from anywhere, even if reverse DNS isn't available.
> > That's because I want to be able to login myself and fix things from
> > wherever I happen to be.
> >
> > I have set hosts.deny as blank and hosts.allow as ALL: ALL
>
> This is dangeroous. /etc/hosts.deny should be "ALL:ALL", and selected
> clients should be allowed for selected domains in /etc/hosts.allow.
>
> > Any thoughts on how to set up the rules to allows the setup above?
>
> I'd also look into ssh clients for Windows. I know there are Java
> clients available.
And then there's putty, just over 200KB, and is OK (or so I've heard).
If you wanna pay $$ many of the good ppl on misc@OpenBSD.org says
Vandyke <http://www.vandyke.com> SecureCRT is very good, with many
features ...
Just my .02 euro
Morten
--
Morten Liebach <morten@hotpost.dk> ; http://home1.stofanet.dk/liebach
"Our scientific power has outrun our spiritual power. We have guided
missiles and misguided men (Martin Luther King, Jr.)"
Reply to: