Solved

Solaris 7 (x86) - The OS version displays but freezes before giving a Login: prompt via telnet

Posted on 2004-08-02
21
683 Views
Last Modified: 2013-12-27
I'm working with an Intel server running Solaris 7.  I've recently lost the ability to telnet into the box.  I can telnet out from the box to other servers on campus and can FTP both in/out.  I've checked most of the standard things like the /etc/inetd.conf and there are no /etc/hosts.allowed or hosts.deny files.  I applied the recommended cluster patches a couple of weeks ago hoping that might solve the problem, but it didn't help.

Suggestions would be appreciated.  Reinstalling Solaris 7 or upgrading to a newer version are not desirable options at this point.

Thanks.
0
Comment
Question by:jlongino
  • 8
  • 8
  • 2
  • +1
21 Comments
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 340 total points
ID: 11700783
Do you have a firewall in your campus? It could be the firewall block telnet for
inbound. (port 23). Most of the network adm doesn't like telnet, ftp(incuding me,
and disable it)

In your Solaris PC, try:
telnet localhost

or
telnet 127.0.0.1

To see if it work, it it works then check your firewall setting.

You should use secure shell -- ssh instead of telnet/FTP.
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 340 total points
ID: 11700802
also it might be a DNS problem, check your /etc/resolv.conf to see if you have the
correct IP for your DNS server.

(you can use a windows PC to to find out the DNS server IP,
 eg w2k/xp -- ipconfig /all ,
      win9x -- winipcfg)


and make sure that the /etc/nsswitch.conf  file , there is a record looks like:
   hosts:     files dns


0
 

Author Comment

by:jlongino
ID: 11710611
I've checked with our systems people and port 23 is open, so it's not a firewall issue.  I've checked the resolv.conf, inetd.conf and nsswitch.conf files but all seems as it should. No apparent DNS issues.  We snooped the IP while trying to telnet in but couldn't see anything unusual.

The department that owns the box is willing to give me an newer computer they no longer have a use for.  I'll install Solaris 9 on it , disable Telnet/FTP and have them use QVT/TERM w/ssh to login. I didn't want to have to reload or upgrade due to the down time but since they have a new box, I can set it up over here and switch them out when everything's ready.

I'll leave this question open in case someone comes up with a solution before I'm ready to switch the new/old computers (probably several working days).
0
 
LVL 48

Assisted Solution

by:Tintin
Tintin earned 40 total points
ID: 11710987
Did you do as yuzh suggested?  ie:  telnet 127.0.0.1
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 340 total points
ID: 11711535
Please test telnet first:
telnet localhost
or
telnet 127.0.0.1


And check /var/adm/messagess file to see it there is any error.

Is the box use NFS mount, NFS could cause problem, when it can not mount
the filesystem from the NFS server.

If it   is the NFS problem, try to just restart the NFS service in the NFS server:
/etc/rc3.d/S15nfs.server stop
/etc/rc3.d/S15nfs.server start

To see if it help, if not reboot your Solaris 7 PC.
0
 

Author Comment

by:jlongino
ID: 11712362
Yes. I used "telnet localhost", but it behaved the same way and I had to close the cmdtool window because I couldn't break out of the telnet attempt.  None of the standard escape sequences work ( ^Z, ^C or ^\ ).  There were no corresponding (timewise) error messages in /var/adm/messages.

The box doesn't use NFS mounts at all and I've rebooted the box several times to no avail.
0
 
LVL 48

Assisted Solution

by:Tintin
Tintin earned 40 total points
ID: 11712369
When you say telnet localhost "behaved the same way", do you get any messages at all?

To exit out of a telnet session, do:

Ctrl-]
close
0
 

Author Comment

by:jlongino
ID: 11712412
As in the title.  The OS version is displayed, the cursor moves down a few lines to where the login prompt should appear but it never does. I've left it sitting there as long as 30 minutes with no change or time out.
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 340 total points
ID: 11712794
Did you check /var/adm/messagess ?

Please read my comment http:#11711535
0
 

Author Comment

by:jlongino
ID: 11715133
Yes. It is in my comment above. ( Date: 08/03/2004 09:29PM PDT)
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 340 total points
ID: 11715975
try to debug the login scripts (.profile, .cshrc, .login etc) to see if
anything wrong.

for sh/ksh put a "set -x" in the .profile and then run it manually

. ./.profile

for csh/tcsh

use:
csh -x source .cshrc
csh -x source .login
0
 

Author Comment

by:jlongino
ID: 11716820
This wouldn't do any good, would it?  The telnet session freezes before the login process is initiated.
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 340 total points
ID: 11722620
Comment http:#11716820, tenet doesn't get to the login point!

Do you know any software package was installed before you have trouble with telnet?


0
 

Author Comment

by:jlongino
ID: 11723109
Nothing has been installed for at least a year and those were just Perl CPAN modules.

Taking your advice, I tried to telnet in and when it froze, I did  a ^] which took me to the "telnet>" prompt.  I issued a few commands looking for clues but didn't see anything helpful:

=============
Microsoft Telnet> d
Escape Character is 'CTRL+]'
Will auth(NTLM Authentication)
Local echo off
New line mode - Causes return key to send CR & LF
Current mode: Console
Will term type
Preferred term type is ANSI
Negotiated term type is ANSI
Microsoft Telnet> st
Connected to xxxxxx.xxxxxx.xxx
Negotiated term type is ANSI
Microsoft Telnet>
=============
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 340 total points
ID: 11723959
Can you telnet from another Unix box to the Solaris PC? check if there is personal
firewall installed in the Windows PC.
0
 

Assisted Solution

by:timf04
timf04 earned 120 total points
ID: 11727244
It looks like this is not a problem so much with telnet but with getty.  If you get to the telnet app it will then start up getty and getty will startup login.  Does the motd show up and no login or just connected and then nothing.  Have you rebooted this system in the event there is a rogue/zombied getty out  there causing problems?

Try killing the login daemon and seeing if that helps.
0
 

Author Comment

by:jlongino
ID: 11727863
yuzh: I'm unable to telnet into the Solaris PC successfully from any computer.  I have attempted to telnet in from several different Windows and Unix boxes.  There was no firewall software running on the PC that I was running from home (that produced the log above).

timf04:  I'll try to get over to the Solaris PC later this afternoon to try a few things.  The box in question doesn't have a motd, so I don't know if it gets to that point or not.  I can create a motd later to test that.  The box has been rebooted several times since the problem was first noticed, so I doubt that it is a rougue/zombie.  What command would show me if there are any out there and what would the name of it look like if I need to grep the results?
0
 

Accepted Solution

by:
timf04 earned 120 total points
ID: 11730197
If possible open up the telnet session to the system and then do a ps -ef on the Solaris pc.  You should see something like this:
root   498   496  0 15:51:39 pts/3    0:00 login -p -d /dev/pts/3 -h machine.yourdomain.com

This is the login program that you are looking to see.  The motd won't show up until after the login (my bad) but you can add a file /etc/default/telnetd with the line BANNER="Some Lame saying!\n\n".  This will pop up on the session before login.

I would try and get a copy of login and replace the one on the problem system.  Did you have the system crash and have to do an fsck?  Is there anyway the system was "hacked" and a bad login dropped down similar to a root kit?

Tim
0
 

Author Comment

by:jlongino
ID: 11730639
I haven't been able to go by the location where the computer is (it's on the other side of the campus).  It's possible the box has been cracked, but if it was they cleaned up well after themselves.  I'll look to see if there are differing  copies of login on the box.  I'll mount the installation CD and maybe login is uncompressed and copiable.  There's been no crash or disk problem that I know of.
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 340 total points
ID: 11732464
To check if the box  has been cracked, you can use cksum to compare some of the
binary program with a system you can trust (same OS ans same patch level),  please
have a look at the following page:

http://www.experts-exchange.com/Operating_Systems/Solaris/Q_20910530.html
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now