redhat 安装盘已挂,并设置好 yum源
查看xinetd 、telnet 是否安装
[root@yanlei] rpm -qa |grep xinetd
[root@yanlei] rpm -qa |grep telnet
xinetd安装
查看yum 源中是否有xinetd
[root@yanlei] yum list xinetd
Available Packages
xinetd.x86_64 2:2.3.14-39.el6_4 redhat6.5_is
安装xinetd
[root@yanlei] yum install -y xinetd
Installed:
xinetd.x86_64 2:2.3.14-39.el6_4
Complete!
查看已安装软件xinetd
[root@yanlei] rpm -qa |grep xinetd
xinetd-2.3.14-39.el6_4.x86_64
telnet server 安装
查看yum 源中是否有 telnet-server
[root@yanlei] yum list telnet-server
Available Packages
telnet-server.x86_64 1:0.17-47.el6_3.1 redhat6.5_is
进行安装
[root@yanlei] yum install -y telnet-server
Installed:
telnet-server.x86_64 1:0.17-47.el6_3.1
Complete!
查看是否已安装
[root@yanlei] rpm -qa |grep telnet-server
telnet-server-0.17-47.el6_3.1.x86_64
安装telnet 客户端
[root@yanlei] yum install -y telnet
Installed:
telnet.x86_64 1:0.17-47.el6_3.1
Complete!
[root@yanlei] rpm -qa |grep telnet
telnet-server-0.17-47.el6_3.1.x86_64
允许启动配置:
[root@yanlei] vi /etc/xinetd.d/telent
# default: on
# description: The telnet server serves telnet sessions; it uses \
# unencrypted username/password pairs for authentication.
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
# disable =yes --修改--> disable =no
disable = no
}
重启服务:
[root@yanlei] service xinetd restart
Stopping xinetd: [FAILED]
Starting xinetd: [ OK ]
查看启动端口:
[root@yanlei] netstat -nptl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 2190/nginx
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2075/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1966/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2155/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 2443/sshd
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 2716/sshd
tcp 0 0 :::22 :::* LISTEN 2075/sshd
tcp 0 0 :::23 :::* LISTEN 2866/xinetd
tcp 0 0 ::1:631 :::* LISTEN 1966/cupsd
tcp 0 0 ::1:25 :::* LISTEN 2155/master
tcp 0 0 ::1:6010 :::* LISTEN 2443/sshd
tcp 0 0 ::1:6011 :::* LISTEN 2716/sshd
23为telnet 端口
修改telnet 默认端口号:
[root@yanlei] vi /etc/services
# service-name port/protocol [aliases ...] [# comment]
tcpmux 1/tcp # TCP port service multiplexer
tcpmux 1/udp # TCP port service multiplexer
rje 5/tcp # Remote Job Entry
rje 5/udp # Remote Job Entry
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
systat 11/udp users
daytime 13/tcp
daytime 13/udp
qotd 17/tcp quote
qotd 17/udp quote
msp 18/tcp # message send protocol
msp 18/udp # message send protocol
chargen 19/tcp ttytst source
chargen 19/udp ttytst source
ftp-data 20/tcp
ftp-data 20/udp
# 21 is registered to ftp, but also used by fsp
ftp 21/tcp
ftp 21/udp fsp fspd
ssh 22/tcp # The Secure Shell (SSH) Protocol
ssh 22/udp # The Secure Shell (SSH) Protocol
# telnet 23/tcp ---修改-->telnet 23001/tcp
telnet 23001/tcp
重启服务:
[root@yanlei] service xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
查看telnet 端口:
[root@yanlei] netstat -nptl
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 2190/nginx
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2075/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1966/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2155/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 2443/sshd
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 2716/sshd
tcp 0 0 :::22 :::* LISTEN 2075/sshd
tcp 0 0 ::1:631 :::* LISTEN 1966/cupsd
tcp 0 0 :::23001 :::* LISTEN 2946/xinetd
tcp 0 0 ::1:25 :::* LISTEN 2155/master
tcp 0 0 ::1:6010 :::* LISTEN 2443/sshd
tcp 0 0 ::1:6011 :::* LISTEN 2716/sshd
防火墙添加允许23001访问:
[root@yanlei] vi /etc/sysconfig/iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [24:2592]
#增加下面一行
-A INPUT -p tcp --dport 23001 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue Dec 22 09:03:01 2020
重启防火墙
[root@yanlei] service iptables restart
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
查看防火墙:
[root@yanlei] iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23001
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
客户端登录测试:
[root@yanlei] telnet 192.168.214.128 23001
Trying 192.168.214.128...
Connected to 192.168.214.128.
Escape character is '^]'.
CentOS release 6.5 (Final)
Kernel 2.6.32-431.el6.x86_64 on an x86_64
login: root
Password: *****
Login incorrect #root用户默认不允许登录
login: yanlei
Password: *****
[yanlei@yaneli]
登录成功