Home page logo

basics logo Security Basics mailing list archives

RE: restricting telnet via username
From: Gregory Dunlap <gtdunlap () midsouth rr com>
Date: Wed, 03 Mar 2004 21:27:40 -0600

The server is the standard telnet server that comes with HPUX, the only
config I've found is in inet.d so far and that just turns it off and on
for boot.  The client is a firm ware level OS on a scan gun by
Intermic.  This is not SSH, the OS on the scan gun is quite limited and
can not run an ssh client.  If I was using ssh it would be ideal since
the AllowUser option is there.  But I'm stuck with telnet.  Any help on
how to limit the telnet daemon to a list of users or only have the
telnet server spawn off a process (the users are login in to run a app
on the server, no other shell access is needed).

Any help is appreciated,

On Tue, 2004-03-02 at 18:34, Aditya, ALD [Aditya Lalit Deshmukh] wrote:
-----Original Message-----
From: Gregory Dunlap [mailto:gtdunlap () midsouth rr com]
Sent: Saturday, February 28, 2004 10:25 AM
To: security-basics
Subject: restricting telnet via username

Hello all,
  I'm attempting to restrict a telnet session of a group of users who
need to run one application on a server.  They login via telnet and that
is the only option at the moment.  They need to run a shell script and
then that will launch the app.  I've set the shell for these users to
the shell script so they won't have access to anything but this app.  I
would like to restrict the telnet daemon further to allow only certain
user names so they can't do a brute force attack.  In sshd_config I've
aways used allowd users setting but I don't see that in the hpux telnet
config.  Any help would be greatly appreciated.

which os and which app combo ?

if you are using windows then just add all the users that you want telnet access to to TelnetUsers group and if you 
are using unix you will have tell which version and which os for us ( the list ) to help you 

are u using telnet or ssh ?

please post more info ...


Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]