You are not logged in.

Pages: 1

#1 2007-02-21 15:04:33

go4it
Member
Registered: 2006-10-03
Posts: 44

Telnet access refused by Arch-server after pacman -Suy [ SOLVED ]

Hi I am using a pc as a local server.
Since I have done an upgrade today to 2.6.20-ARCH, telnet to this server is no longer possible.
So it looks like a security feature is set now.

When I do a telnet from the console itself to the local interface ip address or to 127.0.0.1 I got
" connection closed by foreign host"

                               
                             service telnet
{
        flags                   = REUSE
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/in.telnetd
        log_on_failure          += USERID
        disable                 = no
}


checked /etc/host.allow   > there as nothing , so I have add the client address
I never configured iptables or any other firewall.

> same problem.

Any idea ?

Last edited by go4it (2007-02-21 23:12:55)

Offline

#2 2007-02-21 21:23:11

go4it
Member
Registered: 2006-10-03
Posts: 44

Re: Telnet access refused by Arch-server after pacman -Suy [ SOLVED ]

nmap 192.168.1.3

gives me:     23/ tcp open telnet

Last edited by go4it (2007-02-22 09:46:04)

Offline

#3 2007-02-21 21:31:11

closet geek
Member
Registered: 2007-02-20
Posts: 27

Re: Telnet access refused by Arch-server after pacman -Suy [ SOLVED ]

Have you checked /etc/host.deny?

cg

Offline

#4 2007-02-21 22:08:12

go4it
Member
Registered: 2006-10-03
Posts: 44

Re: Telnet access refused by Arch-server after pacman -Suy [ SOLVED ]

closet geek wrote:

Have you checked /etc/host.deny?

cg

Yes, I created this files, but without success.
finally I found that ArchLinux uses


hosts.deny   instead  of host.deny
hosts.allow   intead   of host.allow

I found

ALL: ALL: DENY  in hosts.deny

and nothing allowed in hosts.allow  !

Conclusion: After upgrade remote access is NOT allowed.

Fix: just added

ALL: 192.168.1.2: ALLOW
ALL: 127.0.0.1: ALLOW

in hosts.allow

and now it's working !  lol

Edit:

tested a few masks now:

these works:

ALL: 192.168.1.: ALLOW
ALL: 192.168.1.0/255.255.255.0: ALLOW
ALL: 192.168.1.0/255.255.255.192: ALLOW

type
xinetd -reuse            to activate what you changed.

Last edited by go4it (2007-02-22 17:40:52)

Offline

Pages: 1

Board footer

Powered by FluxBB