We support GIXEN, the eBay sniper.

Disabling rlogin, chargen, etc

Post Reply
User avatar
tcompter
Member
Posts: 6
Joined: 20 Nov 2012 08:33

Disabling rlogin, chargen, etc

Post by tcompter » 20 Nov 2012 08:36

I'm working on configuring an Alcatel 6855-U24X switch. I need to be able to prove to myself (and my boss) that the following services are disabled: rsh, rlogin, rcp, and rdist, echo, chargen, and discard.

I'm reading the Switch Management Guide, The CLI Reference, and the Network Configuration Guide.

The only mention I can find in ANY of those references is in the latter, on page 31-15, in the ACL Manager Chapter. Our application doesn't involve using ACLs at all, so I'm not sure how this would even apply.

What would be best is a 'show' command that would show these services disabled, similar to "show ip service" which shows the enabled status of ftp, http, etc.

Thanks for any insight.

__________
. | homas
_________
. | homas

User avatar
benny
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 726
Joined: 20 Oct 2007 14:51
Contact:

Re: Disabling rlogin, chargen, etc

Post by benny » 20 Nov 2012 16:06

Hi,

I hope this is good enough ...

Code: Select all

OS6850-48L-Lab-> show tcp ports 

  Local Address     Local Port   Remote Address    Remote Port    State       
------------------+------------+-----------------+--------------+-------------
  0.0.0.0                   21   0.0.0.0                     0    LISTEN        
  0.0.0.0                   22   0.0.0.0                     0    LISTEN        
  0.0.0.0                   23   0.0.0.0                     0    LISTEN        
  0.0.0.0                   80   0.0.0.0                     0    LISTEN        
  0.0.0.0                  260   0.0.0.0                     0    LISTEN        
  0.0.0.0                  261   0.0.0.0                     0    LISTEN        
  0.0.0.0                  262   0.0.0.0                     0    LISTEN        
  0.0.0.0                  443   0.0.0.0                     0    LISTEN        


OS6850-48L-Lab-> show udp ports 

  Local Address     Local Port   
------------------+--------------
  0.0.0.0                    0
  0.0.0.0                   67
  0.0.0.0                   68
  0.0.0.0                  123
  0.0.0.0                  161
  0.0.0.0                  996
  0.0.0.0                 2048


OS6850-48L-Lab-> show ip service 

  Name                   Port   Status  
----------------------+-------+---------
  ftp                      21   enabled 
  ssh                      22   enabled 
  telnet                   23   enabled 
  udp-relay                67   enabled 
  http                     80   enabled 
  network-time            123   enabled 
  snmp                    161   enabled 
  avlan-telnet            259   enabled 
  avlan-http              260   enabled 
  avlan-secure-http       261   enabled 
  secure-http             443   enabled 
  avlan-http-proxy        262   enabled 

OS6850-48L-Lab-> no ip service all
OS6850-48L-Lab-> show ip service  

  Name                   Port   Status  
----------------------+-------+---------
  ftp                      21   disabled
  ssh                      22   disabled
  telnet                   23   disabled
  udp-relay                67   disabled
  http                     80   disabled
  network-time            123   disabled
  snmp                    161   disabled
  avlan-telnet            259   disabled
  avlan-http              260   disabled
  avlan-secure-http       261   disabled
  secure-http             443   disabled
  avlan-http-proxy        262   disabled

OS6850-48L-Lab-> show udp ports   

  Local Address     Local Port   
------------------+--------------
  0.0.0.0                    0
  0.0.0.0                   68
  0.0.0.0                  996
  0.0.0.0                 2048


OS6850-48L-Lab-> show tcp ports   

  Local Address     Local Port   Remote Address    Remote Port    State       
------------------+------------+-----------------+--------------+-------------


Benny
Regards,
Benny

Please note that at no time I will provide you with AOS releases. Kindly contact your Business Partner or Alcatel-Lucent for that.

Official Alcatel-Lucent OmniSwitch documentation available at:
Alcatel-Lucent Resource Library

DokuWiki

User avatar
tcompter
Member
Posts: 6
Joined: 20 Nov 2012 08:33

Re: Disabling rlogin, chargen, etc

Post by tcompter » 20 Nov 2012 17:14

Thanks! :) That's a step in the right direction. Do I correctly infer that if there are no entries in the "show tcp ports" table, it means that there are no services running?

__________
. | homas
_________
. | homas

User avatar
benny
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 726
Joined: 20 Oct 2007 14:51
Contact:

Re: Disabling rlogin, chargen, etc

Post by benny » 21 Nov 2012 10:04

Yes, your assumption is correct.
Regards,
Benny

Please note that at no time I will provide you with AOS releases. Kindly contact your Business Partner or Alcatel-Lucent for that.

Official Alcatel-Lucent OmniSwitch documentation available at:
Alcatel-Lucent Resource Library

DokuWiki

Post Reply

Return to “OmniSwitch 6855”

Who is online

Users browsing this forum: No registered users and 4 guests