Subject: Re: Problem with remote login - via dynamic DNS
From: Ben Ricker (bricker@us-rx.com)
Date: Tue Feb 13 2001 - 08:02:04 MST
From: Iain Stevenson <iain@iainstevenson.com>
Subject: Problem with remote login - via dynamic DNS
DO NOT DO THIS. Your problem is that Telnet is not receiving
connections, probably due to some settings on your system (tcp wrappers?
inetd not configured correctly?).
However, telnet is a HUMONGOID security hole and you are asking to get
your password sniffed. For example, your tcpdump will be done on the
outside with a sniffer and they have your login and password in PLAIN
TEXT.
Check out ssh, a much better solution. Try http://www.openssh.org. East
to install and has 1024bit encryption.
>I'd like to be able to access my linux server remotely. It connects to
my
>ISP through an ADSL router (supplied by the carrier) and has a dynamic
IP
>address. The server does masquerading although turning this off seems
to
>make little difference.
>I signed up to one of the dynamic DNS services and I've been trying to
>telnet from a local client, via the Internet, back to my server. I
have
>been monitoring the link between the server and the ADSL router with
>tcpdump.
>If I ping the address selected from the dynamic DNS service (eg
>fakeaddress.com) the ICMP packets show up fine. If I try telnet, I get
>this:
>Trying www.xxx.yyy.zzz....
>Connected to fakeaddress.com.
>Escape character is '^]'.
>Telnet access denied
>Connection closed by foreign host.
>where www.xxx.yyy.zzz is the current IP address assigned to the ADSL
router.
>An exchange of packets is registered by tcpdump (attached at the bottom
of
>this email). Anyone know what the problem is? Or am I trying
something
>fundamentally dumb?
>Iain
This archive was generated by hypermail 2a24 : Tue Feb 13 2001 - 08:04:28 MST