In this exercise we will set up telnet with TCP Wrappers. All connection attempts from the untrusted network will be rejected with the following message: Your connection refused at $(/bin/date)
Don't forget to save the iptables rules and restart the service.
Next, create a file whose output will be shown to an intruder who tries to access the service.
Open the file for editing; in this case it should look like this:
echo "External connection refused at $(/bin/date)"
Now it is time to set up TCP Wrappers. In your /etc/hosts.deny you should add the following line:
Be sure to grant the right permissions to the trusted network. Change /etc/hosts.allow accordingly:
You should also open /etc/xinetd.d/telnet and set the disable = no directive. Then restart the xinetd service and try to telnet from both networks; this will work!
In xinetd you can define a trap. In this exercise, we will set up a trap that disables connections from machines that attempt to connect to the rlogind port on your machine. Find the port on which login listens:
Add this to the firewall:
After this, change /etc/xinetd.d/rlogin as follows:
socket_type = stream
protocol = tcp
wait = no
user = root
server = /bin/false
flags = SENSOR
# Denial time of two minutes
deny_time = 2
Restart the xinetd service. Then try to telnet to security1; this should work. After that, try rlogin security1; this will trigger the trap. Look for it in /var/log/messages.
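
A lint for the sensor settings above, to run before restarting xinetd. This is an added example, not part of the original exercise: it checks the directives this page sets, plus xinetd's rule that wait must be no for a stream socket. The function name check_sensor, the "service login" wrapper and the sample file are assumptions constructed for illustration.

```shell
#!/bin/sh
# check_sensor FILE  (hypothetical helper, not shipped with xinetd)
# Lint an xinetd service file that is meant to act as a SENSOR trap.
# Prints one line per problem; returns 0 if none were found, 1 otherwise.
check_sensor() {
    awk '
        /^[ \t]*#/ { next }                       # skip comment lines
        /=/ {                                     # attribute = value (also += and -=)
            key = $0; sub(/[ \t]*[-+]?=.*/, "", key); sub(/^[ \t]+/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            conf[key] = val
        }
        END {
            bad = 0
            if ((" " conf["flags"] " ") !~ /[ \t]SENSOR[ \t]/) {
                print "flags: SENSOR is not set, so no trap is armed"; bad = 1
            }
            if (conf["socket_type"] == "stream" && conf["wait"] != "no") {
                print "wait: must be no when socket_type is stream"; bad = 1
            }
            if (conf["deny_time"] !~ /^(FOREVER|NEVER|[0-9]+)$/) {
                print "deny_time: set FOREVER, NEVER or a number of minutes"; bad = 1
            }
            if (conf["disable"] == "yes") {
                print "disable: service is disabled, the port is not watched"; bad = 1
            }
            exit bad
        }
    ' "$1"
}

# Constructed sample: the directives from the page with wait wrongly set to yes.
sample=$(mktemp)
cat > "$sample" <<'EOF'
service login
{
    socket_type = stream
    protocol    = tcp
    wait        = yes
    user        = root
    server      = /bin/false
    flags       = SENSOR
    deny_time   = 2
}
EOF
check_sensor "$sample" || echo "fix the problems above before restarting xinetd"
rm -f "$sample"
```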