[svlug] Local computer responds "connection refused" (Dan)
Dan Martinez
dfm at area.com
Mon Jan 7 08:50:01 PST 2002
Todd G. Gardner wrote:
> Will "xinetd" help me access the remote RH72 system within my LAN
> via ftp, telnet, finger, or OpenSSH.
Possibly. xinetd is a "meta-daemon", if you will: a daemon whose job
it is to start other daemons on an as-needed basis. On certain systems
(including Red Hat 7.2) daemons such as fingerd, ftpd, and telnetd are
controlled by xinetd.
> I am willing to learn however my ignorance is greater than my savy.
> Both systems are running RH72. I don't know how to determine the
> stutus of the daemons. Would you suggest how I might do this? There
> is a gui call "firewall-config" but I am not sure what to do with
> it.
I'd leave firewall-config alone for now. It sounds likely at this
point that the daemons simply aren't running.
You're using Red Hat 7.2, which manages most of its daemons and other
services through a program called "chkconfig". chkconfig lives in the
/sbin directory, which means that an ordinary user on your machine may
be unable to see it by default.
You can use chkconfig to inquire about the state of services without
any special privileges, but you'll need to be root to actually make
any changes with it.
Try the following:
/sbin/chkconfig --list
The xinetd-based services are listed last, and my guess is that you'll
find those of interest to you (finger, ftp, and telnet) turned off. To
turn them on, you can say (as root):
/sbin/chkconfig finger on
/sbin/chkconfig ftp on
/sbin/chkconfig telnet on
(If you don't see those services listed at all, then the relevant
packages are most likely not installed. Should that be the case, let
us know, and we'll help you install them.)
> Will "xinetd" do this or help me do this? If so where besides "man
> xinetd" can I look?
Indirectly. See above.
> Bad habits are hard to break especially since I currently to access
> machines only within our LAN. I currently don't think I need a lot
> of security. If I go external to our LAN then it sounds like I
> should use OpenSSH.
If your LAN is completely disconnected from the larger Internet, then
you may be all right. But developing good security habits, and a
healthy sense of paranoia, early on is still a good idea.
> Where do I go to get more information about that? I don't seem to be
> able to man OpenSSH.
For reasons of backward compatibility with the original SSH
implementation, the OpenSSH binary is named "ssh", so "man ssh" should
get you there, assuming that OpenSSH is installed on your system(s).
You can also visit http://www.openssh.org/ for more information about
the OpenSSH project.
Dan
More information about the Svlug
mailing list