Very Computer

I recently installed iptables on MDK 9 and used guarddog to set which
protocols are accepted. I was very pleased with the results after going to
grc.com and finding that my system is in "stealth mode". Well according to
that site anyway.

Here's where I need some help. I need to be able to use the telnet client to
access a few talkers (see www.talker.com) that I still frequent. I have
tried allowing the telnet protocol in guarddog, and even disabling the
firewall in guarddog, but I can no longer connect to anything using telnet.

I think maybe the telnet protocol is not enabled by default in iptables,
propably due to it's lack of security, and for some reason, guarddog is not
correctly telling iptables to allow it.

Is there some way to manually allow the telnet protocol? I would like to be
able to turn it on and off as needed.

Thanks... Steve
--
Linux... rebooting is optional

Follow up:

Well things have changed a bit. Now disabling the firewall in guarddog works
as it should. Which leaves me wondering, is there another protocol that
needs to be enabled in order to telnet?

On an interesting note, went to grc.com with the firewall disabled and it
shows all of my ports as closed.
--
Linux... rebooting is optional

You don't ever want to use telnet, use SSH instead. SSH does everything
that telnet does plus much much more (like tunneling, X forwarding) and
it does it over an encrypted connection. It also has RSA authentication
which is much harder to hack then the simple password authentication that
telnet relies on.

Others have pointed out the dangers of telnet, but if you have to use
it...

To create the rules:
iptables -A OUTPUT -p TCP --dport 23 -m state --state NEW,ESTABLISHED -j
ACCEPT
iptables -A INPUT  -p TCP --sport 23 -m state --state ESTABLISHED -j ACCEPT

IIRC, to delete these rules:
iptables -D OUTPUT -p TCP --dport 23 -m state --state NEW,ESTABLISHED -j
ACCEPT
iptables -D INPUT  -p TCP --sport 23 -m state --state ESTABLISHED -j ACCEPT

--
Steve Webster
Remove the 'nospam' to get my email address.

Thank you very much!
--
Linux... rebooting is optional

do you think that the combination iptables <> newbie is a good one? If
you're a real newbie you shouldn't admin a server and if not there
should be no problem with firewall/iptable scripts, because there should
be no/just few services be running on you linux box.

Andreas
--
 - Debian? - "This is our project and we can do whatever we want with it."
                                 Michael Stone <mstone#debian.org>

 I'm not running a server and have very few services running. As far as
being a newbie... I'm referring to Linux only. Hey, everyone has to start
somewhere :)
--
Linux... rebooting is optional

well, I referred to server as "my machine runs server processes...",
sorry that i was unclear.

Quote:>As far as
> being a newbie... I'm referring to Linux only. Hey, everyone has to start
> somewhere :)

seen the _real_ newbie phrase (;) )? Too many small kids think that they need a huge
amount on service daemons which will never be updated... time bombs.

Andreas
--
 - Debian? - "This is our project and we can do whatever we want with it."
                                 Michael Stone <mstone#debian.org>

hey, well uhm, you was a newbie to in the begining when you start to use
linux, are you?
well i consider i was to one of the "newbies" of linux.
I'm an admin of three servers and i have 21 years old, jejej that its!