Home page logo
/

basics logo Security Basics mailing list archives

Re: restricting telnet via username
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Mon, 1 Mar 2004 21:00:38 +0100

On 2004-02-27 Gregory Dunlap wrote:
I'm attempting to restrict a telnet session of a group of users who
need to run one application on a server.  They login via telnet and
that is the only option at the moment.  They need to run a shell
script and then that will launch the app.  I've set the shell for
these users to the shell script so they won't have access to anything
but this app.  I would like to restrict the telnet daemon further to
allow only certain user names so they can't do a brute force attack.
In sshd_config I've aways used allowd users setting but I don't see
that in the hpux telnet config.  Any help would be greatly
appreciated.

You can configure the system to only allow telnet connections from
specific hosts through hosts.allow or (x)inetd, but I don't know if it
is possible to restrict login on a per-user basis. Anyway I would
*strongly* recommend using ssh instead. Why is telnet your only option
at the moment? There is an HP-UX port of OpenSSH available from [1].

[1] http://hpux.asknet.de/hppd/hpux/Networking/Admin/openssh-3.7.1p2/

Regards
Ansgar Wiechers

---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_security-basics_040301
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault