It is my experience that yes, RH 7.1 does indeed install a firewall by
default, unless during the installation process you select high(default)
medium or none and then choose to also "customize". I select medium and then
the "customize" tab and put a checkmark in ssh. If you want telnet or ftp
you will have to check those as well. For the ability to export your
$DISPLAY from another host to this machine you will also have to add port
6000 to the other ports option in the customization settings of the firewall
config. Or just select firewall none ... your personal discretion is needed
to make that call.
You can access this rudimentary firewall via an application called lokkit
from the command line or I think that there is a cute button for it in menu
"firewall-config"
You might also check your hosts.allow and hosts.deny files. You may have to
add
ALL: .yourdomain.com
and since ssh is by default compiled with tcpwrappers support you will need
to add
sshd: ALL or .yourdomain.com
even if you enabled ssh through the firewall on the local machine.
HTH
cheers
> > In our xinetd.conf everything seems to be okay - What are some possible
or
> > likely candidates for mistakes in this file? We CAN telnet into the box
> > from itself, this is why I think telnetd is installed and running. How
can
> > I check if it is running or not?
> If you can telnet into your box with "telnet localhost" then telnetd is
> running. You can always check with "ps ax | grep telnetd" which will show
> the command itself and the telnetd if its running.
> With telnet you have to login as a normal user, not root, maybe that's the
> problem?
> > No, both machines are on the LAN behind the firewall. Is it possible
> > RedHat is setting up its own firewall and not allowing telnet access
from
> > a remote computer?
> I don't think RH sets up a firewall by default. Maybe you have played
> around with the /etc/hosts.* files and messed something up. Does the
> "connection failed" message appear when using the remote X-server or
telnet?
> Why don't you simply try ssh, maybe that works.
> nordi
> --
> Linux - Less bugs for less bucks!
> Visit http://private.addcom.de/nordi