From: Alexander Dalloz alexander.dalloz@uni-bielefeld.de Reply-To: For users of Fedora Core releases fedora-list@redhat.com To: For users of Fedora Core releases fedora-list@redhat.com Subject: Re: Me again... :-) Date: Sun, 04 Jul 2004 02:16:08 +0200
Am So, den 04.07.2004 schrieb Thomas Sapp um 2:04:
Does anyone have any ideas why I get an error of "Could not open
connection
to the host, on port 23: Connect failed" or "> Finger:
connect::Connection
refused" when using these services? I think it may have to do with the host.allow and host.deny files but these are both empty at the moment.
Any
help would be appreciated.
Thomas Sapp
Don't use telnet, but SSH instead to remotely login. The SSH daemon is on by default on Fedora systems.
Use a finger daemon only if you really need to. Normally there is no need.
And Fedora uses the xinetd with configuration files under /etc/xinetd.d/ for services controlled by the xinetd daemon.
Alexander
-- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435.2.1 Serendipity 02:13:18 up 2 days, 5:37, load average: 0.10, 0.44, 0.60 << signature.asc >>
I would use SSH except I am not allow to install software on my work computer that is not approved by my company, freeware or not.
As for finger, I was only playing around with it and found that it is not working either.
And I am aware of the xinet.d files and the telnet file listed there is pretty much greek to me. Anyone able to translate the file or atleast help me understand it? Here is the contents of said file:
[root@Raisor root]# cat /etc/xinetd.d/telnet # default: on # description: The telnet server serves telnet sessions; it uses \ # unencrypted username/password pairs for authentication. service telnet { disable = no flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/in.telnetd log_on_failure += USERID }
Thanks, Thomas Sapp http://www.sappsworld.com
_________________________________________________________________ Get fast, reliable Internet access with MSN 9 Dial-up now 2 months FREE! http://join.msn.click-url.com/go/onm00200361ave/direct/01/
Am So, den 04.07.2004 schrieb Thomas Sapp um 2:29:
I would use SSH except I am not allow to install software on my work computer that is not approved by my company, freeware or not.
Then you should urgently ask your administrator then, because telnet is absolutely insecure.
And I am aware of the xinet.d files and the telnet file listed there is pretty much greek to me. Anyone able to translate the file or atleast help me understand it? Here is the contents of said file:
Thanks, Thomas Sapp
The content of the telnet service xinetd configuration file is fully explained in "man 5 xinetd.conf" and you can read it yourself. Please reask for specific things you don't understand from reading.
Alexander
On Jul 3, 2004, at 8:29 PM, Thomas Sapp wrote:
I would use SSH except I am not allow to install software on my work computer that is not approved by my company, freeware or not.
So use putty, but don't get the installer.
Unzipping and running != installing.
Thomas Sapp wrote:
I would use SSH except I am not allow to install software on my work computer that is not approved by my company, freeware or not.
Jason Costomiris wrote:
So use putty, but don't get the installer.
Unzipping and running != installing.
Do you think that Thomas' network administrators would agree with that?
In many places, trying that sort of logic would be counted as an aggrevating factor, making the perpetrator *more* likely to be fired.
I'd also suggest that telnet still has a place. That includes when the telnet sessions are encrypted (for example, through a VPN), go over a trusted network, or where the local security on the rest of the network is not high.
For example, some of the password hashes that Windows Networking uses are known to be very weak. It's not supposed to be much harder to get the passwords out of Windows than it is to get passwords out of telnet.
In small offices, this usually isn't a problem: everyone knows and trusts everyone else on the network. (Besides, there are more than enough other ways that a malicious insider could cause trouble...)
If you've got telnet set up, working, and the users know the interface (especially when they're using Windows telnet-only interfaces) it may not be worth the hassle to switch.
James.
On Mon, Jul 05, 2004 at 06:07:57PM +0100, James Wilkinson wrote:
Thomas Sapp wrote:
I would use SSH except I am not allow to install software on my work computer that is not approved by my company, freeware or not.
Jason Costomiris wrote:
So use putty, but don't get the installer.
Unzipping and running != installing.
Do you think that Thomas' network administrators would agree with that?
Good point.
Simply ask them to install the client for Putty. BTW: The client side is very inexpensive.
Putty is a product, and it is well respected in the industry. Many system administrators will install putty when they will not install ssh. System admin types should have the ability to usePutty if they do any remote administration.
-
Alexander Dalloz -
James Wilkinson -
Jason Costomiris -
Thomas Sapp -
Tom Mitchell