Security Basics mailing list archives
Re: restricting telnet via username
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Mon, 1 Mar 2004 21:00:38 +0100
On 2004-02-27 Gregory Dunlap wrote:
I'm attempting to restrict a telnet session of a group of users who need to run one application on a server. They login via telnet and that is the only option at the moment. They need to run a shell script and then that will launch the app. I've set the shell for these users to the shell script so they won't have access to anything but this app. I would like to restrict the telnet daemon further to allow only certain user names so they can't do a brute force attack. In sshd_config I've aways used allowd users setting but I don't see that in the hpux telnet config. Any help would be greatly appreciated.
You can configure the system to only allow telnet connections from specific hosts through hosts.allow or (x)inetd, but I don't know if it is possible to restrict login on a per-user basis. Anyway I would *strongly* recommend using ssh instead. Why is telnet your only option at the moment? There is an HP-UX port of OpenSSH available from [1]. [1] http://hpux.asknet.de/hppd/hpux/Networking/Admin/openssh-3.7.1p2/ Regards Ansgar Wiechers --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_security-basics_040301 ----------------------------------------------------------------------------
Current thread:
- restricting telnet via username Gregory Dunlap (Mar 01)
- Re: restricting telnet via username Ansgar -59cobalt- Wiechers (Mar 01)
- Re: restricting telnet via username Gabriel Orozco (Mar 02)
- RE: restricting telnet via username Aditya, ALD [Aditya Lalit Deshmukh] (Mar 03)
- RE: restricting telnet via username Gregory Dunlap (Mar 04)
- Re: restricting telnet via username Bob Radvanovsky (Mar 04)
- RE: restricting telnet via username Gregory Dunlap (Mar 04)
- <Possible follow-ups>
- Re: restricting telnet via username Justin_Andrusk (Mar 01)
- Re: restricting telnet via username Gabriel Orozco (Mar 03)
- RE: restricting telnet via username Todd Fencl (Mar 04)
- RE: restricting telnet via username Bully Cillóniz (Mar 04)