Solaris 7 (x86) - The OS version displays but freezes before giving a Login: prompt via telnet

I'm working with an Intel server running Solaris 7.  I've recently lost the ability to telnet into the box.  I can telnet out from the box to other servers on campus and can FTP both in/out.  I've checked most of the standard things like the /etc/inetd.conf and there are no /etc/hosts.allowed or hosts.deny files.  I applied the recommended cluster patches a couple of weeks ago hoping that might solve the problem, but it didn't help.

Suggestions would be appreciated.  Reinstalling Solaris 7 or upgrading to a newer version are not desirable options at this point.

Thanks.
jlonginoAsked:
Who is Participating?
 
timf04Commented:
If possible open up the telnet session to the system and then do a ps -ef on the Solaris pc.  You should see something like this:
root   498   496  0 15:51:39 pts/3    0:00 login -p -d /dev/pts/3 -h machine.yourdomain.com

This is the login program that you are looking to see.  The motd won't show up until after the login (my bad) but you can add a file /etc/default/telnetd with the line BANNER="Some Lame saying!\n\n".  This will pop up on the session before login.

I would try and get a copy of login and replace the one on the problem system.  Did you have the system crash and have to do an fsck?  Is there anyway the system was "hacked" and a bad login dropped down similar to a root kit?

Tim
0
 
yuzhCommented:
Do you have a firewall in your campus? It could be the firewall block telnet for
inbound. (port 23). Most of the network adm doesn't like telnet, ftp(incuding me,
and disable it)

In your Solaris PC, try:
telnet localhost

or
telnet 127.0.0.1

To see if it work, it it works then check your firewall setting.

You should use secure shell -- ssh instead of telnet/FTP.
0
 
yuzhCommented:
also it might be a DNS problem, check your /etc/resolv.conf to see if you have the
correct IP for your DNS server.

(you can use a windows PC to to find out the DNS server IP,
 eg w2k/xp -- ipconfig /all ,
      win9x -- winipcfg)


and make sure that the /etc/nsswitch.conf  file , there is a record looks like:
   hosts:     files dns


0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
jlonginoAuthor Commented:
I've checked with our systems people and port 23 is open, so it's not a firewall issue.  I've checked the resolv.conf, inetd.conf and nsswitch.conf files but all seems as it should. No apparent DNS issues.  We snooped the IP while trying to telnet in but couldn't see anything unusual.

The department that owns the box is willing to give me an newer computer they no longer have a use for.  I'll install Solaris 9 on it , disable Telnet/FTP and have them use QVT/TERM w/ssh to login. I didn't want to have to reload or upgrade due to the down time but since they have a new box, I can set it up over here and switch them out when everything's ready.

I'll leave this question open in case someone comes up with a solution before I'm ready to switch the new/old computers (probably several working days).
0
 
TintinCommented:
Did you do as yuzh suggested?  ie:  telnet 127.0.0.1
0
 
yuzhCommented:
Please test telnet first:
telnet localhost
or
telnet 127.0.0.1


And check /var/adm/messagess file to see it there is any error.

Is the box use NFS mount, NFS could cause problem, when it can not mount
the filesystem from the NFS server.

If it   is the NFS problem, try to just restart the NFS service in the NFS server:
/etc/rc3.d/S15nfs.server stop
/etc/rc3.d/S15nfs.server start

To see if it help, if not reboot your Solaris 7 PC.
0
 
jlonginoAuthor Commented:
Yes. I used "telnet localhost", but it behaved the same way and I had to close the cmdtool window because I couldn't break out of the telnet attempt.  None of the standard escape sequences work ( ^Z, ^C or ^\ ).  There were no corresponding (timewise) error messages in /var/adm/messages.

The box doesn't use NFS mounts at all and I've rebooted the box several times to no avail.
0
 
TintinCommented:
When you say telnet localhost "behaved the same way", do you get any messages at all?

To exit out of a telnet session, do:

Ctrl-]
close
0
 
jlonginoAuthor Commented:
As in the title.  The OS version is displayed, the cursor moves down a few lines to where the login prompt should appear but it never does. I've left it sitting there as long as 30 minutes with no change or time out.
0
 
yuzhCommented:
Did you check /var/adm/messagess ?

Please read my comment http:#11711535
0
 
jlonginoAuthor Commented:
Yes. It is in my comment above. ( Date: 08/03/2004 09:29PM PDT)
0
 
yuzhCommented:
try to debug the login scripts (.profile, .cshrc, .login etc) to see if
anything wrong.

for sh/ksh put a "set -x" in the .profile and then run it manually

. ./.profile

for csh/tcsh

use:
csh -x source .cshrc
csh -x source .login
0
 
jlonginoAuthor Commented:
This wouldn't do any good, would it?  The telnet session freezes before the login process is initiated.
0
 
yuzhCommented:
Comment http:#11716820, tenet doesn't get to the login point!

Do you know any software package was installed before you have trouble with telnet?


0
 
jlonginoAuthor Commented:
Nothing has been installed for at least a year and those were just Perl CPAN modules.

Taking your advice, I tried to telnet in and when it froze, I did  a ^] which took me to the "telnet>" prompt.  I issued a few commands looking for clues but didn't see anything helpful:

=============
Microsoft Telnet> d
Escape Character is 'CTRL+]'
Will auth(NTLM Authentication)
Local echo off
New line mode - Causes return key to send CR & LF
Current mode: Console
Will term type
Preferred term type is ANSI
Negotiated term type is ANSI
Microsoft Telnet> st
Connected to xxxxxx.xxxxxx.xxx
Negotiated term type is ANSI
Microsoft Telnet>
=============
0
 
yuzhCommented:
Can you telnet from another Unix box to the Solaris PC? check if there is personal
firewall installed in the Windows PC.
0
 
timf04Commented:
It looks like this is not a problem so much with telnet but with getty.  If you get to the telnet app it will then start up getty and getty will startup login.  Does the motd show up and no login or just connected and then nothing.  Have you rebooted this system in the event there is a rogue/zombied getty out  there causing problems?

Try killing the login daemon and seeing if that helps.
0
 
jlonginoAuthor Commented:
yuzh: I'm unable to telnet into the Solaris PC successfully from any computer.  I have attempted to telnet in from several different Windows and Unix boxes.  There was no firewall software running on the PC that I was running from home (that produced the log above).

timf04:  I'll try to get over to the Solaris PC later this afternoon to try a few things.  The box in question doesn't have a motd, so I don't know if it gets to that point or not.  I can create a motd later to test that.  The box has been rebooted several times since the problem was first noticed, so I doubt that it is a rougue/zombie.  What command would show me if there are any out there and what would the name of it look like if I need to grep the results?
0
 
jlonginoAuthor Commented:
I haven't been able to go by the location where the computer is (it's on the other side of the campus).  It's possible the box has been cracked, but if it was they cleaned up well after themselves.  I'll look to see if there are differing  copies of login on the box.  I'll mount the installation CD and maybe login is uncompressed and copiable.  There's been no crash or disk problem that I know of.
0
 
yuzhCommented:
To check if the box  has been cracked, you can use cksum to compare some of the
binary program with a system you can trust (same OS ans same patch level),  please
have a look at the following page:

http://www.experts-exchange.com/Operating_Systems/Solaris/Q_20910530.html
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.