Time required: 3 Hours
Work with a limited, on-demand service implementation using xinetd with a telnet server and client. Configure the connection to start only when requested and to be limited to a single client.
Dealing with legacy services that are less secure is a constant challenge in the enterprise. Understanding how best to provision such a service as needed while maintaining some level of security will go a long way toward mitigating risks in your environment.
The small network that is available to the servers in the new Kansas warehouse limits connectivity. As a result, all traffic happens on the private IP network between servers. Your shipping server and receiving client handle all remote session communication over telnet, which cannot be updated to SSH.
You realize that telnet is inherently insecure, but it is necessary in this case, so you need to provide the service. Install the xinetd service and telnet server on the server system and the telnet client on the second system. Be sure you enable the telnet server through xinetd rather than directly. Finally, use the appropriate security settings in the TCP Wrapper to protect access to the telnet server, limiting connections ONLY to those from the second client system. When complete, verify connectivity using the telnet client.
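One way to lay out the files this task calls for, as an added example that is not part of the original lab text: the script stages an xinetd telnet entry and the TCP Wrapper files under a scratch directory, then checks the allow/deny decision for the client and for another host. The client address `192.0.2.20`, the `ROOT` staging directory, the helper function names and the `/usr/sbin/in.telnetd` server path are assumptions.

```shell
#!/bin/sh
# Added example: stage the lab's config files under $ROOT and check the policy.
# CLIENT_IP and ROOT are constructed values; the real files live under /etc on the server.
CLIENT_IP=${CLIENT_IP:-192.0.2.20}
ROOT=${ROOT:-$(mktemp -d)}

write_configs() {
    mkdir -p "$ROOT/etc/xinetd.d"
    # xinetd starts in.telnetd only when a connection arrives; only_from is xinetd's own filter.
    cat > "$ROOT/etc/xinetd.d/telnet" <<EOF
service telnet
{
    disable         = no
    socket_type     = stream
    wait            = no
    user            = root
    server          = /usr/sbin/in.telnetd
    log_on_failure  += USERID
    only_from       = $CLIENT_IP
}
EOF
    # TCP Wrapper: hosts.allow is read first, then hosts.deny; no match means access is granted.
    echo "in.telnetd: $CLIENT_IP" > "$ROOT/etc/hosts.allow"
    echo "in.telnetd: ALL"        > "$ROOT/etc/hosts.deny"
}

# wrapper_match FILE IP: succeed if FILE has an in.telnetd (or ALL) rule matching IP.
# Handles only a single exact address or the ALL wildcard, not full hosts_access(5) syntax.
wrapper_match() {
    [ -f "$1" ] || return 1
    awk -F: -v ip="$2" '
        /^[ \t]*(#|$)/ { next }
        { d = $1; c = $2; gsub(/[ \t]/, "", d); gsub(/^[ \t]+|[ \t]+$/, "", c)
          if ((d == "in.telnetd" || d == "ALL") && (c == ip || c == "ALL")) found = 1 }
        END { exit !found }' "$1"
}

# telnet_allowed IP: apply the TCP Wrapper decision order to the staged files.
telnet_allowed() {
    wrapper_match "$ROOT/etc/hosts.allow" "$1" && return 0
    wrapper_match "$ROOT/etc/hosts.deny"  "$1" && return 1
    return 0
}

write_configs
telnet_allowed "$CLIENT_IP" && echo "client $CLIENT_IP: allowed"
telnet_allowed 192.0.2.99   || echo "other host 192.0.2.99: denied"
```

Without the `hosts.deny` entry, the wrapper's default is to grant access, so the allow line alone does not restrict the service to the one client.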