피날레 (guest)
Posted: 2003.11.27 Thu, 11:48 pm   Subject: Opening telnet ... (a month now -_-;;)

Hello. I'm only ever posting questions again, sorry.~~~ (__);
I'm currently using Red Hat 9. I installed it as a Workstation install.
I'm on Thrunet.
After installing, I wanted to open a telnet server, so I installed telnet-server and
added the telnet settings to xinetd.
-------------- My xinetd contents ------------------------------
defaults
{
instances = 15
log_type = FILE /var/log/servicelog
log_on_success = HOST PID EXIT
log_on_failure = HOST RECORD
only_from =
per_source = 5
cps = 25 30
}
service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
only_from =
server = /usr/sbin/in.telnetd
}
includedir=/etc/xinetd.d
--------------------------------------------------------------------------------
Then I changed iptables as shown below..
------------- My iptables contents ------------------------------------------
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A FORWARD -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 23 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 2049 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:1023 -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 2049 -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 6000:6009 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 7100 --syn -j REJECT
COMMIT
------------------------------------------------------------------------------------
The hosts.deny and hosts.allow files have nothing in them..
Looking with netstat, port 23 is open too.
But... when I type telnet localhost, it doesn't connect..
And typing telnet with my own IP doesn't connect either.
What could be wrong? I've been struggling with this for a month now. T.T
Sorry to ask, but if anyone knows, I'd be really grateful for a reply.. T.T

truefeel (cafe administrator)
Joined: 24 Jul 2003   Posts: 1277   Location: Republic of Korea
Posted: 2003.11.28 Fri, 1:24 am   Subject: Re: How far the output gets when you telnet, etc...

1. For services in general, telnet included,
rather than configuring them in /etc/xinetd.conf, the files in the xinetd.d directory get included through includedir=/etc/xinetd.d, so
create an /etc/xinetd.d/telnet file and put the telnet service settings there.
2. Also, if the firewall settings are exactly as you showed, they are fine.
Check with iptables -L -n that what is loaded matches what you configured.
3. Could you also post the output of netstat -atnp|grep :23 ?
I think we need to check that it really came up under the xinetd daemon.
4. Also, please check whether anything is logged in /var/log/messages when you log in over telnet or when xinetd starts.
Open a separate window, keep watching with tail -f /var/log/messages,
and try restarting xinetd and connecting with telnet to see whether anything unusual shows up.
Of course, with your settings you should probably look at /var/log/servicelog as well.
5. When you run telnet, does the output stop at
Trying 127.0.0.1...
or does it get as far as
Connected to localhost.
Escape character is '^]'.
?
If only the single Trying ... line appears, it is blocked by a firewall or the like, or the service is not actually running properly;
if it gets as far as the Escape line, the port is at least open, so some other setting needs checking.
Please check these first and post back.
For reference, if you don't absolutely need telnet, using ssh (port 22) would also be a good idea.

피날레 (guest)
Posted: 2003.11.28 Fri, 3:04 am   Subject: Ah~~

First of all, thank you for replying. (__)
Everything above checks out fine and ....
3. Here is the output.
-------------------------------------------------------------------------------
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 1543/xinetd
------------------------------------------------------------------------------
4. When I restarted xinetd, this showed up in messages!!!
------------------------------------------------------------------------------
Nov 28 02:30:37 localhost xinetd[1543]: Service telnet: attribute already set: disable [line=14]
Nov 28 02:30:38 localhost xinetd[1543]: bind failed (Address already in use (errno = 9). service = telnet
------------------------------------------------------------------------------
Something seems wrong, but I don't know what it means -_-;;
What address is it talking about ... anyway, this is what came out..
5. When I run telnet 127.0.0.1
------------------------------------------------------------------------
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Connection closed by foreign host.
------------------------------------------------------------------------
This is what I get..
Ah.. I'm already using ssh; it's just that since telnet won't work I've gotten stubborn about it -_-;;
Is there some way to fix it?

피날레 (guest)
Posted: 2003.11.28 Fri, 3:06 am   Subject: -.-;

Where that emoticon is up there, there was the digit 8.
It is errno = 98.

truefeel (cafe administrator)
Joined: 24 Jul 2003   Posts: 1277   Location: Republic of Korea
Posted: 2003.11.28 Fri, 8:52 am   Subject: Re: Telnet seems to have failed because of the xinetd.conf settings

피날레 wrote:
3. Here is the output.
-------------------------------------------------------------------------------
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 1543/xinetd
------------------------------------------------------------------------------

From the result above, telnet is indeed open.
Quote:
4. When I restarted xinetd, this showed up in messages!!!
------------------------------------------------------------------------------
Nov 28 02:30:37 localhost xinetd[1543]: Service telnet: attribute already set: disable [line=14]
Nov 28 02:30:38 localhost xinetd[1543]: bind failed (Address already in use (errno = 98 )). service = telnet
------------------------------------------------------------------------------
Something seems wrong, but I don't know what it means -_-;;
What address is it talking about ... anyway, this is what came out..
5. When I run telnet 127.0.0.1
------------------------------------------------------------------------
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Connection closed by foreign host.
------------------------------------------------------------------------
This is what I get..

So it gets as far as Escape ... ].
Looking at your xinetd.conf settings again, there's only_from= in there. Delete that line and you should be able to connect.
And 'bind failed (Address already in use (errno = 98 )' means
that port 23 is already in use. In other words, it appears because the telnet daemon is already up and something is trying to start it again.
My judgment is that telnet was started by service telnet { ... } in /etc/xinetd.conf,
and the message appears because the /etc/xinetd.d/telnet file tries to start it again.
Delete the following from xinetd.conf.
Code:
service telnet {
disable = no
... (omitted) ...
}

Of course, in /etc/xinetd.d/telnet (the file name may differ) too, if there is an only_from = line, either delete that line or specify the IPs that are allowed to connect.
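
A small lint for the two mistakes this thread turns on, an `only_from` with no value and a service defined both in xinetd.conf and under the includedir, added here as an example (not code from any poster). The sample file contents are constructed from the thread, and `parse` and `lint` are hypothetical helper names.

```python
# Constructed samples modelled on the thread, not the poster's actual files.
XINETD_CONF = """\
defaults
{
    only_from =
}
service telnet
{
    disable = no
    only_from =
}
"""
XINETD_D_TELNET = """\
service telnet
{
    disable = no
}
"""

def parse(text, source):
    """Return (source, block name, {attribute: value}) for each block."""
    blocks, name, attrs = [], None, None
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if attrs is None:                      # outside a { ... } body
            words = line.rstrip("{").split()
            if words[:1] == ["defaults"] or (len(words) == 2 and words[0] == "service"):
                name = words[-1]
            if name and line.endswith("{"):
                attrs = {}
        elif line == "}":
            blocks.append((source, name, attrs))
            name, attrs = None, None
        else:                                  # "attr = value", also += and -=
            key, _, value = line.partition("=")
            attrs[key.rstrip(" +-")] = value.strip()
    return blocks

def lint(blocks):
    """Flag empty only_from and services defined more than once."""
    findings, seen = [], {}
    for source, name, attrs in blocks:
        if attrs.get("only_from") == "":
            findings.append(f"{source}: {name}: only_from has no value, so no client is allowed")
        if name != "defaults" and name in seen:
            findings.append(f"{source}: service {name} already defined in {seen[name]}")
        seen.setdefault(name, source)
    return findings
```

Running `lint` over both samples reports the empty `only_from` in `defaults` and in `service telnet`, plus the second telnet definition that produced the `bind failed` log line.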

피날레 (guest)
Posted: 2003.11.28 Fri, 10:09 am   Subject: Thank you. T.T

It works.!!!!
Once I deleted the telnet section from xinetd.conf, those messages stopped appearing in messages,
and once I deleted only_from, I can connect -_-;;
The xinetd documentation I have is in English and I misread it, so
I thought "only_from= " meant everyone can connect, but it actually meant nobody can connect -_-;;
Thank you. It feels like ten years of indigestion clearing .. ^^;;
Now I'd better get to school ... I learned a lot. Thank you.~~~