Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Removing Telnet and FTP (keep SSH/SCP)

I dont want the sensors to run Telnet and FTP services, becuase I want to force anyone connecting to them to use SSH/SCP.

I edited the /etc/initd.conf and commented out the lines that start these services. However, this cannot be the "best method" becuase after I tried that suddenly the sensor stopped listening on port 22 and I couldnt connect to it with SSH (of course). When I uncomment the ftp and telnet lines in the inetd.conf, SSH/SCP/port 22 is open again. Weird. What should I do to remove these services?

BTW: on an unrelated note, the interface /dev/iprb0 (command and control) is the card which is assigned an IP address, and is used for connecting to the sensor. The /dev/spwr0 is the interface that only listens for traffic in promiscious mode and doesnt have an IP assigned to it, right?

Thanks,

Erik

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Removing Telnet and FTP (keep SSH/SCP)

Run sysconfig-sensor, there shoudl be an option in the secure communications area for disabling telnet and ftp. Sysconfig-sensor will then take care of making the proper edits for you.

For the 4220, and 4230 sensor appliances, your statements are correct for the interfaces.

NOTE: the 4210, 4235, and 4250 sensors have different interface names.

Marco

1 REPLY
Cisco Employee

Re: Removing Telnet and FTP (keep SSH/SCP)

Run sysconfig-sensor, there shoudl be an option in the secure communications area for disabling telnet and ftp. Sysconfig-sensor will then take care of making the proper edits for you.

For the 4220, and 4230 sensor appliances, your statements are correct for the interfaces.

NOTE: the 4210, 4235, and 4250 sensors have different interface names.

Marco

127
Views
0
Helpful
1
Replies
CreatePlease login to create content