?
Solved

telnet problem

Posted on 2004-08-23
11
Medium Priority
?
631 Views
Last Modified: 2013-12-27
hi all
i have a problem with the telnet service on solaris 7, my system installed on ultra 10 machine. when i try to telnet the system from remote system it refuse to accept telnet session in which a connection refused message appears.
its not a network isseu since ping responds positively, also i can telnet from this system to other systems. right ??  
i cant easely restart the system, this needs aprovals.  
i checked /etc/inet/inetd.conf and found the line
telnet  stream  tcp  nowait  root  /usr/sbin/in.telnetd  in.telnetd
i tried this
pkill -HUP inetd
put the problem didnt move.
 
have you any idea  plz
0
Comment
Question by:monamiz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +3
11 Comments
 
LVL 4

Expert Comment

by:Otetelisanu
ID: 11868024
If you make telnet as root
must have in the file
/etc/default/login

# CONSOLE=/dev/console


You can make
telnet server -l user

user not root

0
 
LVL 4

Expert Comment

by:Otetelisanu
ID: 11868044
If you have

CONSOLE=/dev/console

for root is error :
login: root
Password:
Not on system console
Connection closed by foreign host.


0
 

Author Comment

by:monamiz
ID: 11868459
hi otetelisanu
the server reject telnet at all, i type telnet serverIP
from any remote station (unix or windows )
the message on windows:
 Could not open connection to the host, on port 23: Connect failed
while on unix remote station the message is:
telnet: Unable to connect to remote host: Connection refused
 
i didnt yet reach the username and password prompt, however i tried to telnet with -l user but refused again.

by the way: i can telnet other systems from this server

any added ideas plzz
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 18

Accepted Solution

by:
liddler earned 180 total points
ID: 11868501
ON the machine itself try:
telnet 0
and see if you get a prompt, if you do, it may be a network / firewall / router acl problem
To get more detailed messages, find the pid of telnetd
and run
truss -faep <pid>
this will give a lot of output, you may need to use the script command to capture this to a file.

Then try telneting in and see if you get more or different messages, if the telnetd doesn't change then the packets aren't getting through.
0
 
LVL 4

Assisted Solution

by:Otetelisanu
Otetelisanu earned 120 total points
ID: 11869364
Hallo ,

you can with lsof see
wath prosess use port 23.

lsof can help you with this: http://wuarchive.wustl.edu/packages/security/lsof/
Example:
% lsof -i :23

[root@pluto:/ ] lsof -i :23
COMMAND PID USER   FD   TYPE        DEVICE SIZE/OFF NODE NAME
inetd   165 root    5u  inet 0x300000ff748      0t0  TCP *:telnet (LISTEN)

You can also get lsof from http://www.sunfreeware.com/.
0
 
LVL 21

Expert Comment

by:tfewster
ID: 11874012
Check /etc/services contains a line:
telnet            23/tcp          (and ensure it and the telnetd line in /etc/inet/inetd.conf are commented out)

telnetd isn't started until inetd detects an incoming connection on port 23; At which time inetd starts up the service defined in those files.

> by the way: i can telnet other systems from this server
Just to clarify, even if incoming telnet connections have been disabled on this server, you can still make outgoing connections - You don't need the telnetd daemon for that.
0
 
LVL 18

Expert Comment

by:liddler
ID: 11878246
Another thought,
grep services /etc/nsswitch.conf
and make sure it says file, if it says nis, nisplus or ldap you may not be looking in the right place for the port
0
 

Author Comment

by:monamiz
ID: 11900727
helo all

i think its a differnent objects
my server began to act strangly.. like: when i run ls under /etc this does not show /etc/inet while cd command change the directory there, and /etc/inetd.conf file also is not shown and changed from link to a regular file, this in addition to the telnet problem which had not been exist.
I think some one played with the system or im under attack.

i called the security support.
 but im asking if any one have any idea or similar circumstances ...

thanks        
     
0
 
LVL 1

Expert Comment

by:avrajesh_99
ID: 11919101
Hi Monamiz,

I have couple of Questions.

1. Do you have any ipchains or ipfilters applied on your system for security. If so try to see those, if you could flush them or remove the specific entry and try telnet.
2. R u having the telnet server installed on your system. Check this by looking into /etc/init.d/ directory you should have telnet as a service and if you have the telnet service out there. Open the telnet service and see the service is not disabled, if you have an entry "disable=yes" , then make it to "disable=no" and save the file and restart the telnet daemon.

HTH.

Rajesh
0
 

Expert Comment

by:Lego_Maniac
ID: 11924735
inetd is just a "super daemon" program that launches server daemons on-demand

You may be running into TCP wrappers security.

Check your TCP wrappers files:
/etc/hosts.allow and /etc/hosts.deny

hosts.allow should read:
in.telnetd: LOCAL, <ip address1>, <ip address2...>

<ip address> can be in one of these formats:
single IP address (example 192.168.1.1)
subnet/netmask (example 192.168.1.0/255.255.255.0)

hosts.deny probably reads:
ALL: ALL
This should be okay,  If it has a telnet entry, remove it, or just remove your IP from it.


Another configuration to verify is /etc/services
There must be a line in there for telnet, or else inet daemon won't spawn it.
telnet          23/tcp

Default is for it to be in there, but doesnt hurt to check.

0
 

Author Comment

by:monamiz
ID: 12003971
heloo
- no chains or filters are applyed
- also no tcp wrappers
thanks all
its a different isseu ... an intruder with the root password login to the system and make a soft changes to some files like the binarry of the ls command and other auditing files
i had to restart the system ... but the system hangs many times a few seconds after boot -s command on the ok prompt .. finaly i got access to single user mode and restore the system from a backup .. now its running fine and i applied the latest patches after i change the passwords of all of the users on alll of my systems.
i wanna thank you all for your assistance ..

thanks

 
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question