Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


Old 09-16-2010, 11:22 AM   #1
LQ Newbie
Registered: Jun 2006
Distribution: RHEL, SLES, Fedora, Ubuntu
Posts: 14

Rep: Reputation: 0
Linux socket programming question


I have a customer who is complaining that they can connect to port y on IP x with telnet. They are seeing the following:
telnet x.x.x.x y
Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.

After some time the connection of course times out.
Connection closed by foreign host.

There is no telnet service running on this port so they cannot do anything, but they are complaining that the fact that telnet "connects" is a security risk.

I am having difficulty explaining why they are able to connect with telnet. I know it has to do with the socket layer API in Linux but I am having difficulty explaining this sufficiently. I also can't just say "this is the way Linux works" to them.

I am looking through "UNIX Network Programming" by W. Richard Stevens at this time, but any help on explaining this issue would be greatly appreciated.

Thank you
Old 09-16-2010, 12:00 PM   #2
Senior Member
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 2,290

Rep: Reputation: 919

If it were telnetd listening on that port I would expect a logon prompt. Since you are not seeing one, the question is "what is listening on that port and why????". Before you try to explain anything, someone had better figure out the answer to that question.

There ARE ports that SHOULD have listeners running on them. Some only on the loopback interface, some on the external interface, some on every interface. What and how many those are depends upon what the server is used for. (It should only run what is needed for its function and management.)

What is the port number they are testing (y), and what KIND of IP address are they testing?

One thing that you can tell them off the top: telnet is often used for exactly this kind of port testing. The connection they see is not a security issue in and of itself, just an indicator that there is something listening on that port. That may be good or bad, but we cannot tell without knowing what the port is, and what is listening there.

Last edited by wpeckham; 09-16-2010 at 12:06 PM.
Old 09-16-2010, 12:25 PM   #3
LQ Newbie
Registered: Jun 2006
Distribution: RHEL, SLES, Fedora, Ubuntu
Posts: 14

Original Poster
Rep: Reputation: 0
Thanks for the response


Actually LDAP is running on the port. I understand that you can perform port testing by using Telnet and it is a valid way to determine if a port is open. I am just at a loss to explain why telnet shows as "connected". Is it because the BSD socket is protocol agnostic?

Thank you,
Old 09-16-2010, 12:31 PM   #4
LQ Newbie
Registered: Jun 2006
Distribution: RHEL, SLES, Fedora, Ubuntu
Posts: 14

Original Poster
Rep: Reputation: 0
Ok. What I have come up with so far is this.

We use BSD sockets, and in this API sockets are usually created to be protocol agnostic. It seems that in BSD you generally accept new connections by using: *accept()*.

Based on what I am reading here
“For certain protocols which require an explicit confirmation, such as DECNet, accept() can be thought of as merely dequeuing the next connection request and not implying confirmation. Confirmation can be implied by a normal read or write on the new file descriptor, and rejection can be implied by closing the new socket. Currently only DECNet has these semantics on Linux.”

I believe what we are seeing is the connection of the request, but of course there is no actual confirmation because there is no telnet service running.
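
Added example, not part of the thread: on Linux, the kernel completes the TCP three-way handshake as soon as a socket is in the listening state, so a plain connect() (which is all telnet does before printing "Connected") succeeds even if the application never calls accept() or speaks the client's protocol. The helper names loopback, try_connect and probe are this example's own, and it uses only the loopback interface on kernel-chosen ports.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Fill in 127.0.0.1:port. */
static struct sockaddr_in loopback(unsigned short port) {
    struct sockaddr_in a;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    a.sin_port = htons(port);
    return a;
}

/* What telnet does first: a plain TCP connect(). Returns 0 or the errno. */
static int try_connect(unsigned short port) {
    struct sockaddr_in a = loopback(port);
    int fd = socket(AF_INET, SOCK_STREAM, 0), rc;
    if (fd < 0) return errno;
    rc = connect(fd, (struct sockaddr *)&a, sizeof a) == 0 ? 0 : errno;
    close(fd);
    return rc;
}

/* Bind an ephemeral loopback port, optionally listen(), never accept(),
 * then probe it. Returns try_connect()'s result, or -1 on setup failure. */
int probe(int do_listen) {
    struct sockaddr_in a = loopback(0);
    socklen_t len = sizeof a;
    int rc = -1, fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    if (bind(fd, (struct sockaddr *)&a, sizeof a) == 0 &&
        (!do_listen || listen(fd, 1) == 0) &&
        getsockname(fd, (struct sockaddr *)&a, &len) == 0)
        rc = try_connect(ntohs(a.sin_port));
    close(fd);
    return rc;
}

int main(void) {
    printf("listening, no accept(): %s\n", strerror(probe(1)));
    printf("bound, not listening:   %s\n", strerror(probe(0)));
    return 0;
}
```

The first probe succeeds with no application code running on the server side at all; the second is refused because nothing has called listen(). A successful connect therefore tells you only that some process is listening on the port, which is the point to check with the service's own access controls and firewall rules.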

