Unix / Linux / Ubuntu Forum

Login problem - Ipchains Firewall

  Date: Nov 24    Category: Unix / Linux / Ubuntu    Views: 417

I have a problem with a Linux box which I newly installed. It has
got Ipchains Firewall installed and because of that I am not able to Telnet
or FTP or www to that machine. I tried disabling the firewall also but in
vain. I even stopped the Ipchains daemon and checked that all the necessary
daemons for doing telnet are up. Can anyone help me in putting that machine
live in my network?



8 Answers Found

Answer #1    Answered On: Nov 24    

I think you selected High Firewall during the installation process, so you cannot do it that way. Try these commands:

ipchains -F
ipchains -X
iptables -F
iptables -X

If you have ipchains or iptables then try these commands, and you can try both also.

Answer #2    Answered On: Nov 24    

I rectified it by editing the /etc/xinetd.d/telnet file.

Answer #3    Answered On: Nov 24    

No sysadmin in their right mind is going to leave the telnet
port open on any of their machines. There is a reason why it is deactivated
in a default xinetd installation: it is completely unsecure.

All usernames and passwords travel over the line *unencrypted*. Astute use
of a packet sniffer can enable a 3rd party to gain root shell access to your
machine and wreak havoc.

Please, do consider deactivating telnet again and going for ssh instead.
It's secure, all data including usernames and passwords is encrypted before
being sent over the line.

Answer #4    Answered On: Nov 24    

Please keep in mind that ipchains -F or iptables -F will open your system wide.

Answer #5    Answered On: Nov 24    

Is there any way I can restrict the telnet ports to my subnet only?
If there is some file which can help me with this (like *.allow and *.deny)
please tell me.

Answer #6    Answered On: Nov 24    

Would use those iptables that you may have just flushed.

Something like iptables -A INPUT -p tcp -s <your source ip address>/<mask> --dport 22 -j ACCEPT

But don’t use telnet, cause someone will be able to sniff your password in two seconds.

Answer #7    Answered On: Nov 24    

1 line in your firewall script will get you the protection you want
(assuming you're using iptables and that your default policy is DROP):

iptables -t filter -A INPUT -p tcp -s <your_subnet> --dport 23 \
-i <your_LAN_interface> -j ACCEPT


iptables -t filter -A INPUT -p tcp -s <your_subnet> --dport 23 \
-i eth0 -j ACCEPT

Don't know what the ipchains equivalent would be.
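
Added example, not part of the original thread: a shell check that reads `iptables -S INPUT` output and reports whether inbound telnet (tcp/23) is open to any source, restricted by source or interface, or closed. It shows why the rule in Answer #7 depends on a DROP default policy and what Answer #4 warns about. The function name `telnet_exposure`, the sample listings, 192.168.1.0/24 and eth0 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Reads `iptables -S INPUT` style text on stdin and prints how
# inbound telnet (tcp/23) is treated:
#   open       - accepted from any source
#   restricted - accepted only by rules limited with -s and/or -i
#   closed     - not accepted at all
# Simplifications: INPUT chain only, first terminal match wins; rules using
# state/conntrack matches or "!" negation are skipped, and port ranges and
# multiport lists are not expanded.
telnet_exposure() {
    awk '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 == "-A" && $2 == "INPUT" {
        proto = dport = target = ""; scoped = 0; skip = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-s" && $(i + 1) != "0.0.0.0/0") scoped = 1
            if ($i == "-i")      scoped = 1
            if ($i == "-p")      proto  = $(i + 1)
            if ($i == "--dport") dport  = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
            if ($i == "--state" || $i == "--ctstate" || $i == "!") skip = 1
        }
        if (skip) next
        if (proto != "" && proto != "tcp" && proto != "all") next
        if (dport != "" && dport != "23") next
        if (target != "ACCEPT" && target != "DROP" && target != "REJECT") next
        # A source- or interface-limited ACCEPT only narrows exposure.
        if (scoped) { if (target == "ACCEPT") limited = 1; next }
        # First unscoped terminal rule decides for every other source.
        verdict = target; exit
    }
    END {
        if (verdict == "") verdict = policy
        if (verdict == "ACCEPT") print "open"
        else if (limited)        print "restricted"
        else                     print "closed"
    }'
}

# Constructed samples; 192.168.1.0/24 and eth0 are placeholder values.
FLUSHED='-P INPUT ACCEPT'
LAN_ONLY='-P INPUT DROP
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 23 -j ACCEPT'

printf '%s\n' "$FLUSHED"  | telnet_exposure
printf '%s\n' "$LAN_ONLY" | telnet_exposure
```

On a live host the input would come from `iptables -S INPUT` run as root; the same subnet rule under an ACCEPT policy still reports `open`.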

Answer #8    Answered On: Nov 24    

If you are using Red Hat, check with /etc/x.inetd/ ..
