Telnet relies on services to build Telnet: The remote Managed service Windows;linux is not recommended for use because the routing user name and password are plaintext, unsecured TCP 23 steps: 1, shutting down the firewall and SELINUX1) # service Iptables stop Temporarily off # chkconfig iptables off permanently off (boot not auto-start) 2) # Setenforce: Set selinux# getenforce view selinux status # Setenforce 0 temporarily put into permissive mode Type # Vim/etc/selinux/config permanent shutdown (restart in effect)--->selinux=disabled off 2, configure Yum source # Yum Makecache3, software three-step 1) See if the software is installed # Yum List|grep telnet# Yum list|grep xinetd2) Install related software # yum-y install xinetd telnet-server3) confirm the installation is successful and view the Software list # rpm-q xinetd# rpm-q telnet- server# rpm-ql xinetd/etc/rc.d/init.d/xinetd startup script/etc/xinetd.conf The main profile/etc/xinetd.d/the storage directory of the child configuration file/etc/xinetd.d/ Telnet Telnet Service sub-profile/usr/sbin/in.telnetd Binary Command 4, Understanding Profile 1) xinetd service main profile # man 5 xinetd.conf# cat/etc/ Xinetd.confdefaults{log_type = syslog Daemon info using syslog program Logging Log_on_failure = host failure log, recording client's host log_on_success = PID H OST DURATION EXIT Success Log, log client PID host: CPS = 50 10 50 represents 50 connections per second, 10 indicates a connection limit and waits for 10s to connect again instances = 50 Connection Instance 50, maximum connections Per_source = 10 Maximum connections per IP v6only = No not supported ipv6groups = Yes determine service process group Idumask = 002Default mask}INCLUDEDIR/ETC/XINETD.D load external directory 2) telent config file for service # Cat/etc/xinetd.d/telnetservice telnet{flags = reuse Tag socket_ Type = Stream tcp/ipwait = no no wait; service runs in multiple threads, concurrent; Yes indicates single-threaded to user = root starts as root server =/usr/bin/telnetdlog_on_failure + = USERID Logon Failure logging User Uiddisable = yes yes means shutdown service, no represents open}5, modify profile according to demand to complete the service build demand: Client side remote Management Server host via Telnet tool # vim/etc/ Xinetd.d/telnetservice telnet{flags = Reusesocket_type = streamwait = Nouser = Rootserver =/usr/sbin/in.telnetdlog_on_fa Ilure + = Useriddisable = No yes no}6, start service | Boot up #/etc/init.d/xinetd status#/etc/init.d/xinetd start# netstat-nltp|grep 237, test verification client side: # telnet 10.1.1.1 By default, root login is not allowed # Vim/etc/xinetd.d/telneteg: Requirement 1: Allow only 10.1.1.2 and 10.1.1.6---> only_ from = 10.1.1.2 10.1.1.6 requirement 2: Only 10.1.1.0/24 network segments are allowed, except 10.1.1.254--->only_from = 10.1.1.0/24no_access = 10.1.1.254 demand 3:1, control the service can only be up to 3 connections, each IP can only 1 connection 2, control can only be accessed during the workday 9:30-12:00,14:00-17:303, specify the log records to/var/log/telnet.log 4, Change the default port for the Telnet service to 10086--->disable = noinstances = 3per_source = 1access_times = 9:30-12:00 14:00-17:30log_type = File/var/log/telnet.logport = 10086 Note: 1, modify the port number must be modified in the/etc/services file relative to the service port number (man has) ; Restart service 2, the port number of the service in the/etc/services file has an impact on our access service; Client login needs to add 10086;local login no need to add 10086 thinking: The Telnet service does not let root log on by default, What if I want to allow root login? # Vim/etc/securetty
Telnet, xinetd
