Posts Tagged ‘telnet’

How to close Open DNS

Posted in Tips n Tricks on 05/23/2009 08:00 pm by admin

This tutorial describes how to close an Open DNS server. An Open DNS server allows anyone to use that server as a DNS lookup server. This is a potential threat and such access must either be blocked, or restricted to a few trusted IPs. This is how it is done.

1. Make a list of IPs you consider as trusted (i.e., only those IPs which can use this DNS server for DNS lookups). The list should include all IPs on the server. Now if you don’t know what I am talking about, ssh to your server, and type in the below command as root:

ifconfig | grep 'inet addr' | cut -f2 -d: | cut -f1 -d' ' | sort | uniq

2. Open /etc/named.conf in an editor. I would recommend that you take a backup of the file first before this.

cp -p /etc/named.conf /etc/named.conf.bak
vi /etc/named.conf

3. Locate this line:

key "rndckey" {
};

Move your cursor below this block of code, and press ‘i’ (to change into vi’s insert mode) and then type in the following:

acl "trusted" {
IP1; IP2; IP3; IP4; externalIP1 ;
};

Modify the line IP1; IP2; IP3; IP4; externalIP1 ; to include server’s IP addresses and any external IPs which you wish to allow recursive queries.

4. Once the acl “trusted” is added, move down the file and locate the block named options. Inside it add the below lines:

allow-recursion { trusted; };
allow-notify { trusted; };
allow-transfer { trusted; };

This is how the options block might look like once the changes are made:

options {
directory "/var/named";
allow-recursion { trusted; };
allow-notify { trusted; };
allow-transfer { trusted; };
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

5. Save the changes (use ‘esc’ + ‘:wq’ in vi editor) and then restart named

/etc/init.d/named stop
/etc/init.d/named start

 

How to disable Telnet

Posted in Tips n Tricks on 05/23/2009 07:48 pm by admin

Telnet is a xinetd managed service which listens on port 23. You can login to your account on the server by using a telnet client. However, unlike ssh, telnet initiates a normal connection. i.e., the telnet data packets is in plain-text format, and can be captured easily by network monitoring applications.
If you are a system administrator managing a server, it is compulsory that you have telnet service disabled on it. This is how it is done:

1. Login to your server through SSH and su to root.

2. Type

vi /etc/xinetd.d/telnet

3. Look for the line:

disable = no

and replace with

disable = yes

4. Now restart the xinetd service:

/etc/init.d/xinetd restart

5. Turn off it through chkconfig as well because it can still start during the next reboot.

/sbin/chkconfig telnet off