LinuxQuestions.org
Old 09-16-2010, 12:22 PM   #1
mjp053000
LQ Newbie
 
Registered: Jun 2006
Distribution: RHEL, SLES, Fedora, Ubuntu
Posts: 14

Rep: Reputation: 0
Linux socket programming question


Hello,

I have a customer who is complaining that they can connect to port y on IP x with telnet. They are seeing the following:
telnet x.x.x.x y
Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.

After some time the connection of course times out.
Connection closed by foreign host.

There is no telnet service running on this port so they cannot do anything, but they are complaining that the fact that telnet "connects" is a security risk.

I am having difficulty explaining why they are able to connect with telnet. I know it has to do with the socket layer API in Linux but I am having difficulty explaining this sufficiently. I also can't just say "this is the way Linux works" to them.

I am looking through "UNIX Network Programming" by W. Richard Stevens at this time, but any help on explaining this issue would be greatly appreciated.

Thank you
 
Old 09-16-2010, 01:00 PM   #2
wpeckham
Member
 
Registered: Apr 2010
Location: USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix
Posts: 832

Rep: Reputation: 181
Telnet?

If it were telnetd listening on that port I would expect a logon prompt. Since you are not seeing one, the question is "what is listening on that port and why????". Before you try to explain anything, someone had better figure out the answer to that question.

There ARE ports that SHOULD have listeners running on them. Some only on the loopback interface, some on the external interface, some on every interface. What and how many those are depends upon what the server is used for. (It should only run what is needed for its function and management.)

What is the port number they are testing (y) and what KIND of IP address are they testing?

---
One thing that you can tell them off the top: telnet is often used for exactly this kind of port testing. The connection they see is not a security issue in and of itself, just an indicator that there is something listening on that port. That may be good or bad, but we cannot tell without knowing what the port is, and what is listening there.

Last edited by wpeckham; 09-16-2010 at 01:06 PM.
 
Old 09-16-2010, 01:25 PM   #3
mjp053000
LQ Newbie
 
Registered: Jun 2006
Distribution: RHEL, SLES, Fedora, Ubuntu
Posts: 14

Original Poster
Rep: Reputation: 0
Thanks for the response

Hi,

Actually LDAP is running on the port. I understand that you can perform port testing by using Telnet and it is a valid way to determine if a port is open. I am just at a loss to explain why telnet shows as "connected". Is it because the BSD socket is protocol agnostic?

Thank you,
Mike
 
Old 09-16-2010, 01:31 PM   #4
mjp053000
LQ Newbie
 
Registered: Jun 2006
Distribution: RHEL, SLES, Fedora, Ubuntu
Posts: 14

Original Poster
Rep: Reputation: 0
Ok. What I have come up with so far is this.

We use BSD sockets, and in this API sockets are usually created to be protocol agnostic. It seems that in BSD you generally accept new connections by using: accept().

http://linux.die.net/man/2/accept

Based on what I am reading here
“For certain protocols which require an explicit confirmation, such as DECNet, accept() can be thought of as merely dequeuing the next connection request and not implying confirmation. Confirmation can be implied by a normal read or write on the new file descriptor, and rejection can be implied by closing the new socket. Currently only DECNet has these semantics on Linux.”

I believe what we are seeing is the connection of the request, but of course there is no actual confirmation because there is no telnet service running.
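
The behaviour asked about in this thread, as an added example that is not part of any post: on Linux the kernel completes the TCP three-way handshake for any socket in the listening state, before the application calls accept() and whatever protocol it speaks (LDAP here), so a client's connect() succeeds and telnet prints "Connected". The function names, the loopback address and the kernel-chosen port are assumptions of the example.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Listen on 127.0.0.1 with a kernel-chosen port; accept() is never called. */
static int make_listener(unsigned short *port) {
    struct sockaddr_in a;
    socklen_t len = sizeof a;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&a, 0, sizeof a);              /* sin_port 0: kernel picks the port */
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&a, sizeof a) < 0 || listen(fd, 4) < 0 ||
        getsockname(fd, (struct sockaddr *)&a, &len) < 0) {
        close(fd);
        return -1;
    }
    *port = ntohs(a.sin_port);
    return fd;
}

/* The first thing "telnet host port" does: 0 if connect() succeeds, else errno. */
static int probe(unsigned short port) {
    struct sockaddr_in a;
    int rc, fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return errno;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    a.sin_port = htons(port);
    rc = connect(fd, (struct sockaddr *)&a, sizeof a) == 0 ? 0 : errno;
    close(fd);
    return rc;
}

int main(void) {
    unsigned short port;
    int r, lfd = make_listener(&port);
    if (lfd < 0) return 1;
    r = probe(port);                      /* handshake done by the kernel */
    printf("listening, accept() never called: %s\n", r ? strerror(r) : "Connected");
    close(lfd);
    r = probe(port);                      /* no listener: the kernel answers with RST */
    printf("listener closed: %s\n", r ? strerror(r) : "Connected");
    return 0;
}
```

A successful connect() therefore shows only that a listener is reachable on that port; whether it should be reachable from that network is a bind-address or firewall decision, not a socket-layer one.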
 
  


All times are GMT -5.