KTS_HOWTO: kts and firewall
What is firewall?
Firewall is a software application or hardware device that blocks part of the network traffic.Usually the firewall is configured to allow incoming connections only on few specified ports. Most of the software firewalls also detect programs attempting to access the network and then they match the program name against a list defined by the user and allow or deny it access to the network.Who needs a firewall?
If your computer is connected to Internet then you need a firewall. Even if you are running the"best" OS that has no backdoors or vulnerabilities, it is better to have a firewall running. The firewall would not guarantee 100% protection but it would significantly increase your computer safety.KTS and firewall.
Since firewall filters network traffic and KTS is server software your firewall will mostly detect KTS, when it is started. To use KTS together with your firewall you will have to make few adjustments in your firewall configuration.
1) KTS telnetd.exe file must have access to the network.
2) KTS telnetd.exe file must be allowed to act as a server. This is the server component of KTS that handles incoming connections e.g. the server component of KTS.
3) You should allow incoming connections on port 23 (this is the default telnet port; if you change KTS port to custom one then you should allow your custom port in the firewall)
If KTS is blocked by your firewall, you will have a behavior similar to the following:
In the kts log file (log\kts-log.txt) there will be only lines saying that kts is started or stopped. A normal log file will show connection attempts too, successful or unsuccessful. Using a telnet client it may seem that you connect to your host but the client will display blank screen. Actually, you are "connecting" your firewall, depending on your firewall it may refuse connection, forcing your client to disconnect (or not connect at all) or it could just take the connection silently. If you experience any of these symptoms, check your firewall settings, most probably the problem is buried there.
Monday, November 21, 2005