monamiz
asked on
telnet problem
hi all
i have a problem with the telnet service on solaris 7, my system installed on ultra 10 machine. when i try to telnet the system from remote system it refuse to accept telnet session in which a connection refused message appears.
its not a network isseu since ping responds positively, also i can telnet from this system to other systems. right ??
i cant easely restart the system, this needs aprovals.
i checked /etc/inet/inetd.conf and found the line
telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd
i tried this
pkill -HUP inetd
put the problem didnt move.
have you any idea plz
i have a problem with the telnet service on solaris 7, my system installed on ultra 10 machine. when i try to telnet the system from remote system it refuse to accept telnet session in which a connection refused message appears.
its not a network isseu since ping responds positively, also i can telnet from this system to other systems. right ??
i cant easely restart the system, this needs aprovals.
i checked /etc/inet/inetd.conf and found the line
telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd
i tried this
pkill -HUP inetd
put the problem didnt move.
have you any idea plz
If you have
CONSOLE=/dev/console
for root is error :
login: root
Password:
Not on system console
Connection closed by foreign host.
CONSOLE=/dev/console
for root is error :
login: root
Password:
Not on system console
Connection closed by foreign host.
ASKER
hi otetelisanu
the server reject telnet at all, i type telnet serverIP
from any remote station (unix or windows )
the message on windows:
Could not open connection to the host, on port 23: Connect failed
while on unix remote station the message is:
telnet: Unable to connect to remote host: Connection refused
i didnt yet reach the username and password prompt, however i tried to telnet with -l user but refused again.
by the way: i can telnet other systems from this server
any added ideas plzz
the server reject telnet at all, i type telnet serverIP
from any remote station (unix or windows )
the message on windows:
Could not open connection to the host, on port 23: Connect failed
while on unix remote station the message is:
telnet: Unable to connect to remote host: Connection refused
i didnt yet reach the username and password prompt, however i tried to telnet with -l user but refused again.
by the way: i can telnet other systems from this server
any added ideas plzz
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Check /etc/services contains a line:
telnet 23/tcp (and ensure it and the telnetd line in /etc/inet/inetd.conf are commented out)
telnetd isn't started until inetd detects an incoming connection on port 23; At which time inetd starts up the service defined in those files.
> by the way: i can telnet other systems from this server
Just to clarify, even if incoming telnet connections have been disabled on this server, you can still make outgoing connections - You don't need the telnetd daemon for that.
telnet 23/tcp (and ensure it and the telnetd line in /etc/inet/inetd.conf are commented out)
telnetd isn't started until inetd detects an incoming connection on port 23; At which time inetd starts up the service defined in those files.
> by the way: i can telnet other systems from this server
Just to clarify, even if incoming telnet connections have been disabled on this server, you can still make outgoing connections - You don't need the telnetd daemon for that.
Another thought,
grep services /etc/nsswitch.conf
and make sure it says file, if it says nis, nisplus or ldap you may not be looking in the right place for the port
grep services /etc/nsswitch.conf
and make sure it says file, if it says nis, nisplus or ldap you may not be looking in the right place for the port
ASKER
helo all
i think its a differnent objects
my server began to act strangly.. like: when i run ls under /etc this does not show /etc/inet while cd command change the directory there, and /etc/inetd.conf file also is not shown and changed from link to a regular file, this in addition to the telnet problem which had not been exist.
I think some one played with the system or im under attack.
i called the security support.
but im asking if any one have any idea or similar circumstances ...
thanks
i think its a differnent objects
my server began to act strangly.. like: when i run ls under /etc this does not show /etc/inet while cd command change the directory there, and /etc/inetd.conf file also is not shown and changed from link to a regular file, this in addition to the telnet problem which had not been exist.
I think some one played with the system or im under attack.
i called the security support.
but im asking if any one have any idea or similar circumstances ...
thanks
Hi Monamiz,
I have couple of Questions.
1. Do you have any ipchains or ipfilters applied on your system for security. If so try to see those, if you could flush them or remove the specific entry and try telnet.
2. R u having the telnet server installed on your system. Check this by looking into /etc/init.d/ directory you should have telnet as a service and if you have the telnet service out there. Open the telnet service and see the service is not disabled, if you have an entry "disable=yes" , then make it to "disable=no" and save the file and restart the telnet daemon.
HTH.
Rajesh
I have couple of Questions.
1. Do you have any ipchains or ipfilters applied on your system for security. If so try to see those, if you could flush them or remove the specific entry and try telnet.
2. R u having the telnet server installed on your system. Check this by looking into /etc/init.d/ directory you should have telnet as a service and if you have the telnet service out there. Open the telnet service and see the service is not disabled, if you have an entry "disable=yes" , then make it to "disable=no" and save the file and restart the telnet daemon.
HTH.
Rajesh
inetd is just a "super daemon" program that launches server daemons on-demand
You may be running into TCP wrappers security.
Check your TCP wrappers files:
/etc/hosts.allow and /etc/hosts.deny
hosts.allow should read:
in.telnetd: LOCAL, <ip address1>, <ip address2...>
<ip address> can be in one of these formats:
single IP address (example 192.168.1.1)
subnet/netmask (example 192.168.1.0/255.255.255.0)
hosts.deny probably reads:
ALL: ALL
This should be okay, If it has a telnet entry, remove it, or just remove your IP from it.
Another configuration to verify is /etc/services
There must be a line in there for telnet, or else inet daemon won't spawn it.
telnet 23/tcp
Default is for it to be in there, but doesnt hurt to check.
You may be running into TCP wrappers security.
Check your TCP wrappers files:
/etc/hosts.allow and /etc/hosts.deny
hosts.allow should read:
in.telnetd: LOCAL, <ip address1>, <ip address2...>
<ip address> can be in one of these formats:
single IP address (example 192.168.1.1)
subnet/netmask (example 192.168.1.0/255.255.255.0)
hosts.deny probably reads:
ALL: ALL
This should be okay, If it has a telnet entry, remove it, or just remove your IP from it.
Another configuration to verify is /etc/services
There must be a line in there for telnet, or else inet daemon won't spawn it.
telnet 23/tcp
Default is for it to be in there, but doesnt hurt to check.
ASKER
heloo
- no chains or filters are applyed
- also no tcp wrappers
thanks all
its a different isseu ... an intruder with the root password login to the system and make a soft changes to some files like the binarry of the ls command and other auditing files
i had to restart the system ... but the system hangs many times a few seconds after boot -s command on the ok prompt .. finaly i got access to single user mode and restore the system from a backup .. now its running fine and i applied the latest patches after i change the passwords of all of the users on alll of my systems.
i wanna thank you all for your assistance ..
thanks
- no chains or filters are applyed
- also no tcp wrappers
thanks all
its a different isseu ... an intruder with the root password login to the system and make a soft changes to some files like the binarry of the ls command and other auditing files
i had to restart the system ... but the system hangs many times a few seconds after boot -s command on the ok prompt .. finaly i got access to single user mode and restore the system from a backup .. now its running fine and i applied the latest patches after i change the passwords of all of the users on alll of my systems.
i wanna thank you all for your assistance ..
thanks
must have in the file
/etc/default/login
# CONSOLE=/dev/console
You can make
telnet server -l user
user not root