Non root user using telnet refused

Support for security such as Firewalls and securing linux
rezashamdani
Posts: 8
Joined: 2019/04/11 03:39:19

Re: Non root user using telnet refused

Post by rezashamdani » 2019/04/26 04:51:38

is it possible that on centos7 a non root user cannot using the port 25 ?

i don't have the issue with centos6, the iptables setup already the same..

aks
Posts: 2843
Joined: 2014/09/20 11:22:14

Re: Non root user using telnet refused

Post by aks » 2019/04/26 18:10:12

is it possible that on centos7 a non root user cannot using the port 25 ?
No, not at all. A non root user can connect to port 25.
$ telnet smtp.mail.yahoo.com 25
Trying 188.125.73.26...
Connected to smtp.mail.yahoo.com.
Escape character is '^]'.
220 smtp.mail.yahoo.com ESMTP ready
^]
telnet> cl
Connection closed.

rezashamdani
Posts: 8
Joined: 2019/04/11 03:39:19

Re: Non root user using telnet refused

Post by rezashamdani » 2019/04/29 02:29:41

can i just flush my iptables rules, and then try to connect again?

perhaps the rules was holding back the non root account.

User avatar
TrevorH
Forum Moderator
Posts: 26861
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Non root user using telnet refused

Post by TrevorH » 2019/04/29 11:44:45

Did you check that company.mail.protection.outlook.com resolves to the ip address that you have listed in your iptables rules? When I check ours it resolves to at least 2 separate ip addresses so 50% of the time your rules would fail.
CentOS 5 died in March 2017 - migrate NOW!
CentOS 6 goes EOL sooner rather than later, get upgrading!
Full time Geek, part time moderator. Use the FAQ Luke

rezashamdani
Posts: 8
Joined: 2019/04/11 03:39:19

Re: Non root user using telnet refused

Post by rezashamdani » 2019/04/30 02:05:32

with or without the iptables, the root account can use the port 25 successfully, yet the non root account is failed stated that it was refused.

aks
Posts: 2843
Joined: 2014/09/20 11:22:14

Re: Non root user using telnet refused

Post by aks » 2019/04/30 18:49:12

I'm beginning to suspect that you don't have "proper" CentOS installed.
So are you running cpanel or something like that (it has already been suggested, but you don't say either way)?
Assuming it is "real" CentOS, then you've done something, which is really bad. Traditionally only root can open the "privileged" port (TCP below 1024), as a listener. Anybody can connect to the "privileged" port.
Assuming it is "real" CentOS, what happens when (as the non root user) you do:
strace -f telnet <domain> 25
as in:
strace -f telnet smtp.mail.yahoo.com 25
?

rezashamdani
Posts: 8
Joined: 2019/04/11 03:39:19

Re: Non root user using telnet refused

Post by rezashamdani » 2019/05/01 02:21:13

here it is

Code: Select all

....
close(3)                                = 0
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f787dac8000
write(1, "Trying XXX.XX.XXX.XX...\r\n", 25Trying XXX.XX.XXX.XX...
) = 25
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
setsockopt(3, SOL_IP, IP_TOS, [16], 4)  = 0
connect(3, {sa_family=AF_INET, sin_port=htons(25), sin_addr=inet_addr("XXX.XX.XXX.XX")}, 16) = -1 ECONNREFUSED (Connection refused)
write(2, "telnet: connect to address XXX.X"..., 61telnet: connect to address XXX.XX.XXX.XX: Connection refused
) = 61
close(3)                                = 0
write(1, "Trying XXX.XX.XXX.XY...\r\n", 25Trying XXX.XX.XXX.XY...
) = 25
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
setsockopt(3, SOL_IP, IP_TOS, [16], 4)  = 0
connect(3, {sa_family=AF_INET, sin_port=htons(25), sin_addr=inet_addr("XXX.XX.XXX.XY")}, 16) = -1 ECONNREFUSED (Connection refused)
write(2, "telnet: connect to address XXX.XX"..., 61telnet: connect to address XXX.XX.XXX.XY: Connection refused
) = 61
close(3)                                = 0
exit_group(1)                           = ?
+++ exited with 1 +++

aks
Posts: 2843
Joined: 2014/09/20 11:22:14

Re: Non root user using telnet refused

Post by aks » 2019/05/01 19:16:11

So are you running cpanel or something like that?

Post Reply

Return to “CentOS 7 - Security Support”