Friday, March 19, 2010

Misc 3

For the next few entries, I'll be making use of a topology similar to the one you see below:

I'll be focusing on Debian and the deployment of several services not already covered in the existing Debian articles. The Windows XP takes on more of a client role, while the Debian would be the main server here.

This guide assumes that you are able to set up your own connectivity scheme (including NAT, Port-Forwarding, etc.).

Here is the breakdown of the interfaces:
eth0 -
Windows XP:
eth0 -
f0/0 -
f0/1 -

The WRT54G router provides connectivity to the internet.I'll add on more topological details later when required. Now that we have the basic topology, I'll begin on the meat.

We'll start up by setting up remote access through telnetd, and later on upgrading it to secure remote access through sshd. (Note that SSH does not depend on Telnet; I just want to make sure I cover the common methods of access)

Telnet is one of the most basic methods of remotely controlling a system. Telnet makes use of the client/sever model, and operates through port 23. Telnet is easy to set up, but is also easily compromised through packet sniffing.

We'll need to install telnetd. But before we do so, it's wise to update the repository information. To do this, we'll need to run the "apt-get update" command. "apt-get update" retrieves repository information from the sources specified in /etc/apt/sources.list. Entries in sources.list follow this syntax:
deb http://mirror.nus.edu.sg/Debian lenny contrib main non-free

http://mirror.nus.edu.sg/Debian is the directory that contains the "dist" folder. The directory following the deb keyword must always contain the "dist" folder.

"lenny" is the entire path for the distribution relative to the "dist" folder. The folder specified here must contain folders such as main, contrib, etc. Some mirrors may be multiple folders deep, but in this case main is in /Debian/dist/lenny/main/ so you only need to specify "lenny".

Finally, contrib, main, and non-free are the software categories found in the lenny folder. Adding that line into sources.list effectively adds:

The general syntax is:
deb directory-containing-dist directory-containing-main main [contrib] [non-free]...

After invoking "apt-get update", install telnetd through:
apt-get install telnetd

If you wish, you can also sudo that command. But you'll have to set up your account for sudo through a root user through:

telnetd is launched by inetd. After initial installation, /etc/inetd.conf should contain the telnet entry. However, inetd is only invoked at start-up so you will need to restart the system for telnet to work.

After reboot, you should be able to telnet yourself through:
telnet localhost

Now it's time to set up sshd. SSH works on TCP port 22 and provides a secure channel for telnet-like communication. To install sshd, use apt-get again:
apt-get install ssh

Unlike telnetd, sshd does not require a reboot to start working. Simply connect to the server through an SSH client like PuTTY.

If for some reason you require a new key for sshd, simply delete the keys and reconfigure sshd through:
rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server

To remove telnetd from start-up, simply comment out the line that starts with "telnet" in /etc/inetd.conf.

No comments :

Post a Comment