
TELNETD and FTPD

Next to electronic mail, the most widely used Internet services are telnet (remote login) and ftp (file transfer). The Eagle software has built-in, secure support for telnet and ftp. In addition, you can control the Eagle versions of these facilities to limit their use according to your security policy.

The Eagle software installation replaces the standard telnet and ftp on your Gateway host with Raptor Systems' modified, secure versions. The user interface for telnet and ftp in an Eagle-secured network differs slightly from the standard interface. Raptor Systems describes its telnet and ftp facilities as passthrough facilities. That is, users inside the network interact with the Eagle telnetd and ftpd service daemons on the Gateway host to access remote systems. Once connections between the internal and external hosts are authenticated, data between them passes through the Gateway machine under the control of the secure telnetd and ftpd service daemons.

The Eagle offers facilities for limiting telnet and ftp services. To begin with, connections between internal and external hosts must be authorized in the Eagle authorization file (see Chapter ). Second, individual users may optionally be required to identify themselves, with an encrypted password, before being permitted to use ftp or telnet to access external hosts. Finally, with respect to ftp, a subset of this service daemon's commands may be specified for each host in the authorization file. There are two such limits for ftpd: putonly and getonly. They allow the system administrator to separately permit write-only or read-only access. Ftpd screens incoming commands and returns an error message if a command is disallowed.

The Eagle may require up to six pieces of information to determine whether an ftp or telnet session is authorized. The information needed is

  1. destination user name (the user name on the remote system)
  2. destination address
  3. destination password (the password on the remote system)
  4. gateway user name (the user name on the local system)
  5. gateway password (the password on the local system)
  6. alternate TCP/IP port number or service name

The destination user name and address are always required. Before gwcontrol can determine what additional user authentication information may be needed, it must have the destination address to determine which authorization rule applies.

The gateway user name and password are required whenever user authentication is enabled. Refer to Chapter for more information about user authentication.

The alternate TCP/IP port number is used to access (via telnet) a service available on the specified port number on a remote host.

In the example below we assume that the following line is in the Eagle's configuration file (see Chapter ):

faraway.outbound.com allow mymachine

This permits users on faraway.outbound.com (a system outside the Eagle-secured network) to connect to mymachine (inside the secure network) via passthrough telnet or ftp. (In this example, firewall.xxx.com is the name of the Eagle.) Figure illustrates a telnet connection from faraway to mymachine:

Note the differences between this example and the standard telnet connection dialogue.

  1. The user specifies the Eagle Gateway as the destination host, not the true destination host.
  2. The Eagle Gateway prompts for the true destination hostname.
  3. The destination host prompts for a username and password before permitting the login.

Although this example does not illustrate user authentication, had it been required, the Eagle Gateway would have prompted for a username and password and verified them before connecting to the internal host.

Having been authorized to connect by the Eagle Gateway, the user is now logged in as user username on mymachine via passthrough telnet. The Eagle will continue to transparently pass characters between the two systems until the user logs out.

As you would expect, the login dialogue for ftp also differs from the standard ftp version.

Assume that the Eagle's configuration file contains the following line:

faraway.outbound.com allow mymachine(ftp.getonly)

This allows users on faraway.outbound.com (a remote system outside the Eagle-secured network) access to the internal host mymachine via passthrough ftp, but limits them to downloading files. As with the previous example, the name of the Eagle is firewall.xxx.com. Thus, users on faraway who want to connect to mymachine see the dialog illustrated in figure .

Note the differences between this example and the standard ftp connection dialogue.

  1. The user specifies the Eagle Gateway as the destination host, not the true destination host.
  2. The Eagle Gateway prompts for the true destination hostname and username, in the format username@hostname.
  3. The Eagle Gateway prompts for the user's password on the destination host.
  4. The user is allowed to get (download) a file, but is denied permission to put (upload) a file.
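The following is an added example, not Raptor Systems' own code: it parses authorization lines of the two shapes shown above (plain allow, and allow with an ftp.getonly/ftp.putonly limit) and screens FTP command verbs the way the manual says ftpd does, returning an error for disallowed commands. The exact file syntax beyond those two forms, the first-match rule ordering, the othermachine host and the mapping of FTP verbs onto "get" and "put" are assumptions made for this example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed authorization lines in the two shapes the manual shows; the
# real file syntax beyond these forms is an assumption for this example.
AUTH_FILE = """\
# source                 action destination(service.limit)
faraway.outbound.com     allow  mymachine(ftp.getonly)
faraway.outbound.com     allow  othermachine
"""

RULE_RE = re.compile(r"^(\S+)\s+allow\s+([^\s(]+)(?:\((\w+)\.(putonly|getonly)\))?$")

@dataclass
class Rule:
    source: str
    dest: str
    service: Optional[str] = None   # "ftp" when a per-service limit is attached
    limit: Optional[str] = None     # "putonly" or "getonly"

def parse_rules(text: str) -> List[Rule]:
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = RULE_RE.match(line)
        if not m:
            raise ValueError(f"line {lineno}: unparseable rule {line!r}")
        rules.append(Rule(*m.groups()))
    return rules

# Assumed mapping of FTP verbs onto the manual's "get" and "put" classes.
DOWNLOAD_CMDS = {"RETR"}
UPLOAD_CMDS = {"STOR", "STOU", "APPE"}

def find_rule(rules: List[Rule], source: str, dest: str) -> Optional[Rule]:
    # First matching source/destination pair wins (assumed ordering).
    return next((r for r in rules if r.source == source and r.dest == dest), None)

def screen_ftp_command(rules: List[Rule], source: str, dest: str, verb: str) -> Tuple[bool, str]:
    """Decide whether ftpd should pass an FTP command through or reject it."""
    rule = find_rule(rules, source, dest)
    if rule is None:
        return False, "no authorization rule for this source/destination"
    verb = verb.upper()
    if rule.service == "ftp" and rule.limit == "getonly" and verb in UPLOAD_CMDS:
        return False, f"{verb} denied: session is getonly"
    if rule.service == "ftp" and rule.limit == "putonly" and verb in DOWNLOAD_CMDS:
        return False, f"{verb} denied: session is putonly"
    return True, "permitted"
```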

When the connection to the destination host is closed, the service daemons reconnect to gwcontrol to report that the connection is no longer there. Gwcontrol then removes that connection from the active list and updates the log.

User authentication provides more flexible control of who accesses hosts in your Eagle-protected networks by allowing you to require additional username and password authentication before users can go into or out of your protected network(s). Refer to Chapter for example user authenticated telnet and ftp dialogs.

The telnet and ftp daemons display a message of the day upon initial contact. You can change this message. Edit /usr/adm/sg/gateway_motd to change the telnet message, or /usr/adm/sg/ftp_motd to change the ftp message of the day.





tkevans@delmarva.com