Skip to content

KALI – How to configure IPTABLES to block Telnet and FTP – The Visual Guide


Iptables is a kernel based utility to set up access control based on protocols, services, ports or the actual interface.  You will use Zenmap to test the iptables are operational.

Step 1 – Root Terminal – To reject Telnet incoming connections

iptables -A INPUT -p tcp –dport 23 -j REJECT

iptables -L -n -v

**Your rules will be displayed



How to DROP Telnet instead of REJECT

iptables -A INPUT -p tcp –dport 23 -j DROP


iptables -L -n -v

iptables -v -L INPUTiptables drop


Step 2 – To stop TELNET outbound connections

iptables  -A OUTPUT -p tcp  –sport 23 -j DROP

iptables -L -n -v

iptables -v -L OUTPUT

telnet output


The REJECT target will send a reply icmp packet to the source system telling that system that the packet has been rejected. By default the message will be “port is unreachable”.

The DROP target simply drops the packet without sending any reply packets back.

The REJECT target is vulnerable to DoS  attacks.

iptables drop

Step 3 – Want to see Line numbers on the rules?

iptables -L -v -n –line-number

line numbers

Step 4 – Made a mistake and need to delete a rule?

List by line numbers – then delete the  rule by it’s line number

iptables -D INPUT 2

-D = Delete

INPUT  rule 2

delete iptables line

The rules are temporary… so after a reboot they’ll be cleared



Step 5 – Test the rules with ZENMAP

Applications > Kali > Vulnerability > Misc Scanners < Zenmap

Type the IP address of your machine into Target > Scan


The iptables blocking telnet gave these results when tested:

zen map results telnet ip reject filterzen test of telnet iptables rules

When both FTP and Telnet are blocked, Zenmap results were:

zenmap blocked telnet and ftp

That’s it.  You’ve blocked Telnet incoming and outgoing, and doublechecked your work using Zenmap.  Easy right?


So what is Iptables?

Iptables is a user space utility

Designed to configure the 3 network layer kernel filtering chains


-i = Incoming interface (INPUT and FORWARD Chains)

-o = Outgoing interface

-A = Append or Add to a chain

-P = Default policy eg deny all or allow all


  1. Null permalink

    Perhap you shall explain most like distro like Ubuntu, Debian, Fedora, etc. using iptables adding as a customize firewall in which some other GUI software may incorporated with it such as NuFW,etc. At the same time you shall also explain how you can see an open port by using the command

    netstat -tulnp

    Or simply disable the service.


  2. wasitaratisaw permalink

    ubuntu is exactly the same in my opinion… same iptables rules.. same syntax blah blah

    Liked by 1 person

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: