LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris
User Name
Password
Solaris / OpenSolaris This forum is for the discussion of Solaris and OpenSolaris.
General Sun, SunOS and Sparc related questions also go here.

Notices

Reply
 
Search this Thread
Old 06-25-2009, 10:03 AM   #1
miedward
Member
 
Registered: Feb 2007
Distribution: RHEL 4, SOLARIS 10
Posts: 91

Rep: Reputation: 15
Question Connection problem with telnet on Solaris 10


When connecting to a particular Solaris 10 server via telnet (which I did not set up and is needed by some hardware) I am getting some peculiar behavior.

$ telnet xx.xx.xx.xx
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'.
Connection closed by foreign host.

I eventually stumbled upon the fact that they had an extensive hosts.allow file (hosts.deny ALL:ALL as well). So I added "ALL: .my.domain" and expected everything to work. Now it waits longer before kicking me out, but still won't even give a login prompt.

It is acting like it is still being blocked by tcp_wrappers, but I am fairly sure that is letting me through. Is there something similar that could still be filtering things after the initial connection?

$ inetadm -l telnet
SCOPE NAME=VALUE
name="telnet"
endpoint_type="stream"
proto="tcp6"
isrpc=FALSE
wait=FALSE
exec="/usr/local/sbin/tcpd"
arg0="/usr/sbin/in.telnetd"
user="root"
default bind_addr=""
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=FALSE
tcp_wrappers=TRUE
default connection_backlog=10
 
Old 06-25-2009, 12:38 PM   #2
miedward
Member
 
Registered: Feb 2007
Distribution: RHEL 4, SOLARIS 10
Posts: 91

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by miedward View Post

$ inetadm -l telnet
SCOPE NAME=VALUE
name="telnet"
endpoint_type="stream"
proto="tcp6"
isrpc=FALSE
wait=FALSE
exec="/usr/local/sbin/tcpd"
arg0="/usr/sbin/in.telnetd"
Another fellow in my office noticed that this is actually running tcpd and not in.telnetd directly. So since all the rules in hosts.allow were keyed for the "in.telnetd" service it was refusing all telnet connections.

Now my question is, is there a reason to run telnet through tcpd? And if you did, how would I make the hosts.allow rules work?

(yes I know telnet is evil, but it is needed by some hardware)
 
Old 06-25-2009, 02:24 PM   #3
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,937

Rep: Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330
This is how tcp_wrappers works. You don't run the service (in.telnetd in your case) directly, but through in.tcpd. It's in.tcpd that listens for connections on port 23 and when there is one it looks /etc/hosts.allow, /etc/hosts.deny to see if it has to allow it. If everything is ok then it passes control to the real daemon in.telnetd.
I guess someone has installed in.tcpd at a later time (that's why it's installed in /usr/local) and had configured it wrong.
If you want to enable it make use of its "security" features of hosts.allow and hosts.deny, take a look at this howto.

Regards
 
  


Reply

Tags
hostsallow, hostsdeny, solaris, tcpwrappers, telnet


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Net connection help after installing Solaris 10 or should I stick with Open Solaris ? uncle-c Solaris / OpenSolaris 10 03-19-2009 08:00 AM
telnet from Solaris to windows xp iyalisai Solaris / OpenSolaris 1 09-13-2008 02:53 PM
telnet connection problem soumalya Linux - Server 1 07-26-2007 08:27 AM
Telnet from windows to Solaris zillah Solaris / OpenSolaris 15 06-15-2005 03:31 PM
telnet problem- solaris to linux jns_306 Linux - Networking 3 03-09-2004 04:47 AM


All times are GMT -5. The time now is 03:36 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration