Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 632
  • Last Modified:

telnet problem

hi all
i have a problem with the telnet service on solaris 7, my system installed on ultra 10 machine. when i try to telnet the system from remote system it refuse to accept telnet session in which a connection refused message appears.
its not a network isseu since ping responds positively, also i can telnet from this system to other systems. right ??  
i cant easely restart the system, this needs aprovals.  
i checked /etc/inet/inetd.conf and found the line
telnet  stream  tcp  nowait  root  /usr/sbin/in.telnetd  in.telnetd
i tried this
pkill -HUP inetd
put the problem didnt move.
 
have you any idea  plz
0
monamiz
Asked:
monamiz
  • 3
  • 3
  • 2
  • +3
2 Solutions
 
OtetelisanuCommented:
If you make telnet as root
must have in the file
/etc/default/login

# CONSOLE=/dev/console


You can make
telnet server -l user

user not root

0
 
OtetelisanuCommented:
If you have

CONSOLE=/dev/console

for root is error :
login: root
Password:
Not on system console
Connection closed by foreign host.


0
 
monamizAuthor Commented:
hi otetelisanu
the server reject telnet at all, i type telnet serverIP
from any remote station (unix or windows )
the message on windows:
 Could not open connection to the host, on port 23: Connect failed
while on unix remote station the message is:
telnet: Unable to connect to remote host: Connection refused
 
i didnt yet reach the username and password prompt, however i tried to telnet with -l user but refused again.

by the way: i can telnet other systems from this server

any added ideas plzz
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
liddlerCommented:
ON the machine itself try:
telnet 0
and see if you get a prompt, if you do, it may be a network / firewall / router acl problem
To get more detailed messages, find the pid of telnetd
and run
truss -faep <pid>
this will give a lot of output, you may need to use the script command to capture this to a file.

Then try telneting in and see if you get more or different messages, if the telnetd doesn't change then the packets aren't getting through.
0
 
OtetelisanuCommented:
Hallo ,

you can with lsof see
wath prosess use port 23.

lsof can help you with this: http://wuarchive.wustl.edu/packages/security/lsof/
Example:
% lsof -i :23

[root@pluto:/ ] lsof -i :23
COMMAND PID USER   FD   TYPE        DEVICE SIZE/OFF NODE NAME
inetd   165 root    5u  inet 0x300000ff748      0t0  TCP *:telnet (LISTEN)

You can also get lsof from http://www.sunfreeware.com/.
0
 
tfewsterCommented:
Check /etc/services contains a line:
telnet            23/tcp          (and ensure it and the telnetd line in /etc/inet/inetd.conf are commented out)

telnetd isn't started until inetd detects an incoming connection on port 23; At which time inetd starts up the service defined in those files.

> by the way: i can telnet other systems from this server
Just to clarify, even if incoming telnet connections have been disabled on this server, you can still make outgoing connections - You don't need the telnetd daemon for that.
0
 
liddlerCommented:
Another thought,
grep services /etc/nsswitch.conf
and make sure it says file, if it says nis, nisplus or ldap you may not be looking in the right place for the port
0
 
monamizAuthor Commented:
helo all

i think its a differnent objects
my server began to act strangly.. like: when i run ls under /etc this does not show /etc/inet while cd command change the directory there, and /etc/inetd.conf file also is not shown and changed from link to a regular file, this in addition to the telnet problem which had not been exist.
I think some one played with the system or im under attack.

i called the security support.
 but im asking if any one have any idea or similar circumstances ...

thanks        
     
0
 
avrajesh_99Commented:
Hi Monamiz,

I have couple of Questions.

1. Do you have any ipchains or ipfilters applied on your system for security. If so try to see those, if you could flush them or remove the specific entry and try telnet.
2. R u having the telnet server installed on your system. Check this by looking into /etc/init.d/ directory you should have telnet as a service and if you have the telnet service out there. Open the telnet service and see the service is not disabled, if you have an entry "disable=yes" , then make it to "disable=no" and save the file and restart the telnet daemon.

HTH.

Rajesh
0
 
Lego_ManiacCommented:
inetd is just a "super daemon" program that launches server daemons on-demand

You may be running into TCP wrappers security.

Check your TCP wrappers files:
/etc/hosts.allow and /etc/hosts.deny

hosts.allow should read:
in.telnetd: LOCAL, <ip address1>, <ip address2...>

<ip address> can be in one of these formats:
single IP address (example 192.168.1.1)
subnet/netmask (example 192.168.1.0/255.255.255.0)

hosts.deny probably reads:
ALL: ALL
This should be okay,  If it has a telnet entry, remove it, or just remove your IP from it.


Another configuration to verify is /etc/services
There must be a line in there for telnet, or else inet daemon won't spawn it.
telnet          23/tcp

Default is for it to be in there, but doesnt hurt to check.

0
 
monamizAuthor Commented:
heloo
- no chains or filters are applyed
- also no tcp wrappers
thanks all
its a different isseu ... an intruder with the root password login to the system and make a soft changes to some files like the binarry of the ls command and other auditing files
i had to restart the system ... but the system hangs many times a few seconds after boot -s command on the ok prompt .. finaly i got access to single user mode and restore the system from a backup .. now its running fine and i applied the latest patches after i change the passwords of all of the users on alll of my systems.
i wanna thank you all for your assistance ..

thanks

 
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 3
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now