Connection problem with telnet on Solaris 10
When connecting to a particular Solaris 10 server via telnet (which I did not set up and is needed by some hardware) I am getting some peculiar behavior.
$ telnet xx.xx.xx.xx Trying xx.xx.xx.xx... Connected to xx.xx.xx.xx. Escape character is '^]'. Connection closed by foreign host. I eventually stumbled upon the fact that they had an extensive hosts.allow file (hosts.deny ALL:ALL as well). So I added "ALL: .my.domain" and expected everything to work. Now it waits longer before kicking me out, but still won't even give a login prompt. It is acting like it is still being blocked by tcp_wrappers, but I am fairly sure that is letting me through. Is there something similar that could still be filtering things after the initial connection? $ inetadm -l telnet SCOPE NAME=VALUE name="telnet" endpoint_type="stream" proto="tcp6" isrpc=FALSE wait=FALSE exec="/usr/local/sbin/tcpd" arg0="/usr/sbin/in.telnetd" user="root" default bind_addr="" default bind_fail_max=-1 default bind_fail_interval=-1 default max_con_rate=-1 default max_copies=-1 default con_rate_offline=-1 default failrate_cnt=40 default failrate_interval=60 default inherit_env=TRUE default tcp_trace=FALSE tcp_wrappers=TRUE default connection_backlog=10 |
Quote:
Now my question is, is there a reason to run telnet through tcpd? And if you did, how would I make the hosts.allow rules work? (yes I know telnet is evil, but it is needed by some hardware) |
This is how tcp_wrappers works. You don't run the service (in.telnetd in your case) directly, but through in.tcpd. It's in.tcpd that listens for connections on port 23 and when there is one it looks /etc/hosts.allow, /etc/hosts.deny to see if it has to allow it. If everything is ok then it passes control to the real daemon in.telnetd.
I guess someone has installed in.tcpd at a later time (that's why it's installed in /usr/local) and had configured it wrong. If you want to enable it make use of its "security" features of hosts.allow and hosts.deny, take a look at this howto. Regards |
All times are GMT -5. The time now is 09:35 AM. |