Solution to security issues of remote logon and telnet between systems

The telnet service is very powerful. This function is used by many administrators. However, due to its security and restrictions, friends who use it may also feel uneasy. Here we will explain the mutual telnet between systems and some security issues.

Telnet between host Windows XP and Virtual Machine Linux

First, the host machine is Winxp and the ip address is 192.168.1.18. Fedora Linux is installed with vmware and the ip address is 192.168.1.252. The hamachi software is installed to make it easy for people to play online. As a result, Linux cannot access the Internet. Disable it in "network connection.

Watch the teaching video to achieve mutual access between the two and sacrifice the telnet weapon. However, no matter whether it is xp or linux, telnet cannot be implemented. Think about the solution for a moment. PS: telnet port number is 23 ):

1. enable the telnet service on the XP system: Right-click "my computer", choose "manage"> "service"> "telnet", right-click "properties", and click "Manual ", and then enable it.

2. Enable the telnet service in Linux: Type chkconfigtelneton in "terminal.

3. In Windows XP, telnet Linux: "START" → "run" → cmd. Press enter to enter the command line mode, type "telnet 192.168.1.252", press enter, and enter the id and password in linux. I have a question: Why can't I use root to log on? After login, you can use su root to convert to root login, strange? The solution is found: In the vi/etc/pam. d/login file, add a # sign in front of auth required/lib/security/pam_securetty.so, and comment it out.

4. telnet XP in Linux: Open the terminal, type telnet 192.168.1.18, and prompt me to log on. PS: no password is set for the host because it is convenient for a friend to use a computer, because telnet does not allow empty passwords, the root user is added. The group must be set to Administrators or a new group named telnetClients and root can be added. Otherwise, the system will prompt "Access Denied: whether the user is a member of telnetClients. The server administrator must add the user to the preceding group. The connection to the telnet server is disabled ". For more information, see http://support.microsoft.com/kb/298060. After the connection is complete, you can connect.

Telnet service user authentication failed

The telnet service is often one of the channels through which attackers intrude into the system. In most cases, valid users will successfully authenticate the logon through telnet. If the user name or password is invalid, the telnet server will fail the authentication. If the logon username is a Super User, pay more attention to it and check whether the access source is valid. If a large number of telnet AUTHENTICATION failure responses occur in a short time, it indicates that the host may be under brute force attack.

[Countermeasure]

1. Check whether the access source IP address, authentication username, and password comply with the security policy.

2. pay close attention to the activity of a large number of source addresses that fail to be authenticated on the FTP client. If necessary, access to the source IP address of the client can be temporarily prohibited.

Event 5: Weak Password Authentication for telnet service users

Attackers may exploit the scanning software or manually guess the weak password of the telnet service to illegally obtain access to the FTP service. They may also exploit other vulnerabilities on the telnet server to obtain control of the host.

[Countermeasure]

1. Remind or force the relevant telnet service user to set a complex password.

2. Set security policies to force users to change their passwords on a regular basis.