LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 06-23-2005, 11:00 AM   #1
yoursmile
LQ Newbie
 
Registered: Jun 2005
Posts: 26

Rep: Reputation: 15
Angry dport 113


HI!

I have three PCs:A,B,C.

PC A: OS:red hat 7.3 (IP:192.168.1.2) SERVER:telnetd,ftpd
PC B: OS:red hat 9.0 (IP:192.168.1.5) SERVER:telnetd,ftpd
PC C: OS:Windows 2000 (IP:192.168.1.6); installed software: firewall

from C telnet A, firewall on C display:
Code:
192.168.1.2 attempt connect to localhost's port 113 [Auther Idnet]
           TCP flagS
           deny connect!
from C telnet B, firewall on C no messages about "deny"

PC B and C's configure file about telnetd be same. look:
Code:
$ more /etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses \
#       unencrypted username/password pairs for authentication.
service telnet
{
        disable = no
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
}
On PC A,B,C , run "netstat -an", I am not find "port 113"
On PC A, run `cat /proc/net/ip_conntrack |grep "port=113"`,display:
Code:
 tcp      6 114 SYN_SENT src=192.168.1.2 dst=192.168.1.6 sport=36915 dport=113 [UNREPLIED] 

src=192.168.1.6 dst=192.168.1.2 sport=113 dport=36915 use=1
My question:

Why PC A send tcp data to PC C's port 113 ?
How disable?
 
Old 06-23-2005, 02:07 PM   #2
demian
Member
 
Registered: Apr 2001
Location: Bremen, Germany
Distribution: Debian
Posts: 303

Rep: Reputation: 30
Quote:
Originally posted by yoursmile

My question:

Why PC A send tcp data to PC C's port 113 ?
How disable?
Presumably the default authmode was changed in the two telnetd implematations and the box that triggers the ident request on port 113 is run with -a [valid|user] whereas the other box is not. This is nothing to worry about though. What is worrying is that you use telnet at all. Switch to ssh!!
 
Old 06-23-2005, 09:58 PM   #3
yoursmile
LQ Newbie
 
Registered: Jun 2005
Posts: 26

Original Poster
Rep: Reputation: 15
demian , thank you for your reply!

On PC A, according to "man telnetd" , display:
"Note that this option is only use ful if telnetd has been compiled with support for authentication, which is not available in the current version."

Code:
# /usr/sbin/in.telnetd --help
/usr/sbin/in.telnetd: invalid option -- -
Usage: telnetd [-debug] [-D (options|report|exercise|netdata|ptydata)]   
    [-h] [-L login_program] [-n] [port]
So I think telnetd's authmode is close.

Last edited by yoursmile; 06-23-2005 at 10:02 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Port 113 floppywhopper Linux - Security 7 02-07-2008 06:51 PM
Using --dport --sport... When to use one or another Palula Linux - Security 7 09-02-2005 11:32 AM
113 port spank Linux - Newbie 3 12-02-2003 03:54 PM
iptables doesn't know what -dport 80 is... ? d33pdream Linux - Networking 6 04-04-2003 06:22 PM
port 113 pangfai Linux - Security 7 06-06-2002 05:53 AM


All times are GMT -5. The time now is 12:05 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration