Hello.... I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password. How to make the security of my Linux Server better ? Thanks... -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
Hi, Without going into details, wouldn't simply disabling telnet from inetd be an option for you? Cheers, --Zaven Akopoff DESY/HERMES 85 Notkestrasse 22607 Hamburg On Wed, 5 Jun 2002, Stanley Caramoy wrote:
Hello....
I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password.
How to make the security of my Linux Server better ?
Thanks...
-- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Try to use SSH. It´s much better and security. Regards, "Quem nunca pirateou que atire o 1º disco, que eu atiro uma cópia" =================== Sp0oKeR - NsC Analista Linux / Security spooker@bol.com.br ==================== ----- Original Message ----- From: Stanley Caramoy <s_caramoy@gmx.de> To: <suse-security@suse.com> Sent: Wednesday, June 05, 2002 8:30 AM Subject: [suse-security] Telnet Problem
Hello....
I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password.
How to make the security of my Linux Server better ?
Thanks...
-- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Stanley Caramoy wrote:
Hello....
I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password.
How to make the security of my Linux Server better ?
Thanks...
First, turn off telnet, block the port, and remove the telnet server package. I suggest using SSH as it solves a lot of telnet issues and provides a non plain text solution as well as secure copy. Also there are SSH clients(I have yet to see the server side) for Windows. I have tried out a couple and found that penguinet ( www.siliconcurcus.com ) is the best despite being a payfor program. -- /***********************************************************************/ Duane Kehoe dkehoe@wi.rr.com <mailto:dkehoe@wi.rr.com> "The more information one firm has about a competitor's product, the easier it is to copy the key features and other innovations of the product." -Bill Gates(DOJ testimony 04.20.2002) /***********************************************************************/
Sorry slight typo windows client site is www.siliconcircus.com Duane Kehoe wrote:
Stanley Caramoy wrote:
Hello....
I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password.
How to make the security of my Linux Server better ?
Thanks...
First, turn off telnet, block the port, and remove the telnet server package. I suggest using SSH as it solves a lot of telnet issues and provides a non plain text solution as well as secure copy. Also there are SSH clients(I have yet to see the server side) for Windows. I have tried out a couple and found that penguinet ( www.siliconcurcus.com ) is the best despite being a payfor program.
-- /***********************************************************************/ Duane Kehoe dkehoe@wi.rr.com <mailto:dkehoe@wi.rr.com> "The more information one firm has about a competitor's product, the easier it is to copy the key features and other innovations of the product." -Bill Gates(DOJ testimony 04.20.2002) /***********************************************************************/
At 13:30 05.06.2002 +0200, Stanley Caramoy wrote:
Hello....
I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password.
How to make the security of my Linux Server better ?
Thanks...
-- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Hi disable telnet service in intetd.conf and use the actual ssh package. Mit freundlichen Grüssen Comptek informatik AG Reinhardt Klippel ________________________________ Comptek informatik AG Poststrasse 9 CH-6300 Zug Tel. ++41 +41 720 20 90 Fax ++41 +41 720 20 99 http://www.comptek.ch ________________________________
Am Mittwoch, 5. Juni 2002 13:30 Stanley Caramoy wrote
I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password.
How to make the security of my Linux Server better ?
Hey Stanley, from my point of view the question is, do you really need telnet? It's pretty insecure and AFAIK it does nothing that you can handle with ssh. Maybe you should give it a try. Sorry, but I can't give you any hints about securing telnet, because I stopped using a long time ago. best regards uwe
I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password. Turning a machine off is safest ;^) Otherwise the question was not for an alternative but just what harm could be in the situation described.
Like it or not, telnet can be a requirement. I've got users from locations where ANY form of encrypted network trafic is not allowed, just because the company want's to be able to read what's on their net. We might disagree with their point of view, but over the years I've learnt not to debate multinational corporate IT regulations; the human lifespan does simply not accomodate for such endeavours. And since I'm not too sure of an _answer_ myself, anybody smarter out there? Peter
Peter van den Heuvel wrote:
Otherwise the question was not for an alternative but just what harm could be in the situation described.
Like it or not, telnet can be a requirement. I've got users from locations where ANY form of encrypted network trafic is not allowed, just because the company want's to be able to read what's on their net. We might disagree with their point of view, but over the years I've learnt not to debate multinational corporate IT regulations; the human lifespan does simply not accomodate for such endeavours.
And since I'm not too sure of an _answer_ myself, anybody smarter out there?
Hallo Peter, of course you're right. I was just not thinking about that possibility, my fault, but just in case he doesn't desperately need telnet, he might switch to ssh. It was just a suggestion and not a way to solve his telnet problem. cheers uwe
Hy, Stanley Caramoy schrieb:
Hello....
I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password.
How to make the security of my Linux Server better ?
Thanks...
I have *no* idea if the following proposal is possible or advicable. If I understood right what you said, the problem is that this person can access your server using extra commands and not username&password. Couldn't you check packages for this commands or disallow this commands in your telnet server? Perhaps a silly way of 'solving' this - perhaps not even possible... regards Sebastian Nerz
Hi, On Wednesday 05 June 2002 13:30, Stanley Caramoy wrote:
I'm having a problem with my Linux Server (SuSE 7.0). Someone has tried to login to my machine without username and password. He/She tried to login with Telnet (from Windows) with extra commands behind the telnet command. He/She can access my Linux Server without Username and Password.
never heard about this ever before. [X] send logfiles For me it sounds like Maarten's tip some weeks ago: 'echo "666 stream tcp nowait root /bin/sh sh -i" >> /etc/inetd.conf'
How to make the security of my Linux Server better ?
Learn more about security and use your new knowledge wisely :) Greetings Soeren
participants (9)
-
Comptek informatik AG - R. Klippel -
Duane Kehoe -
Peter van den Heuvel -
Sebastian Nerz -
Soeren Todt -
Sp0oKeR -
Stanley Caramoy -
Uwe Boigs -
Zaven Akopov