Hello,

i have a program which uses telnet connection, with an account i own, to login to a remote server and use things there. I want to log every command this program does in this telnet session, together with the eventual arguments. If the responses can be logged too (even if in separate file(s)), it would be great.

I tried wireshark, but the output it gives is too raw - at least for me. Besides, its 99% pure white interface, in contrast with my much darker desktop, is horrible to keep looking for too much time - suggestions of alternatives??; terminal programs would be great.

I found an old thread that talks about my system logs. If they can be useful, please point that too.

EDIT: See #11 -- The part I've crossed out is simply not responsive to the OP!

Hmm. The only telnet client I ever use is WinSCP (and seldom with telnet). It has a logging capability, but I'm not sure how it works. I don't even have a telnet client installed on this Linux desktop machine.

What ftp server are you running on the server side? We could possibly better help find logging information if we knew that.

I use NcFTPd on the server, which does extensive logging of connections and transfer statistics. I'm not sure where other ftp daemons log things. Check /var/log (I use ls -ltr /var/log) on the server to see whats updated while or immediately after your program runs.

I presume you can't (or don't want to) tweak the client program to do some logging. Perhaps you could tee the output of the client program to a log file on the client side? Assumes that there is any output to see there. May not be what you're looking for.

1 members found this post helpful.

I have not detailed information on what the server is. Not more than what i can find doing internet interactions with its IP.

And i am not sure what telnet is/was (i know it is something old) or how it worked, but the server in which i have this account gives us a set of commands to use. I bet this set of commands are mostly arbitrarily chosen by them. I can use these remote commands with my telnet local command in terminal, but i have to know them first. Typing everything by hand spends much much time. By logging what the client program does inside the telnet connection, it will be much easier to find all commands accounts have there, and how they can be used (arguments, results, etc.).

I do not understand why you talk about scp and ftp. Is telnet related to them, somehow? Something that i surely do not do on this server is to copy files from/to it and my local machine.

Yes, i cannot. It is closed source. But i have the option of using telnet instead of this closed source program.

'tee' command? But that would be only for stdin and stdout, no?

telnet is old, ssh is the modern equivalent.

basically you should not use telnet for anything that requires security
even the login password is sent plain text.

what are you actually trying to achieve ?

is this like the patching of files you didn't need to patch?
compiling 8 year old source code to compile some old project.

find out what the best VM is for a none specified task?

You need to state your goals clearly, then we can advise you.

If you don't like wireshark colours, I am sure they can be configured. Or use tcpdump (you will find, however, that it's even rawer).

You could use strace to trace the write system calls this program is making. Again, rather raw I would guess.

I doubt there is any more comfortable way to see what text a process is sending over the network.

1 members found this post helpful.

Why deleted? ):

it is not like ssh into some computer, with many standard commands. The security is what the server has, so i cannot complain about it not existing. I am trying to achieve what i said: as much as possible, information about what commands are being asked by the client i use. Please do not reply if you are going just throw stones in me.

My so very bad. Everything is said was about ftp, not telnet. I have no excuse — a complete brain fade. Please disregard everything I posted. None of that applies to your question.

I don’t have a telnet client or run telnet on my server. As has been said, telnet is the forerunner of ssh.
If your client program is closed, some kind of sniffing software is about all that’s left, and you’ve already dismissed the best of those.

I apologize again...

1 members found this post helpful.

Telnet is pretty much exactly like ssh, except for the security aspects. One connects and enters commands on the remote server.

I agree with scasey, a traffic sniffer is about the only thing you can use easily.

If wireshark does not provide what you need I would suggest tcpdump. I do not know the specific options that would apply, but I know I can always get it to provide me with plain text request/resonse when I need it - I usually figure out what I need from the man page, so it can't be too confusing!

You can easily capture a session to a file, then mine the file for what transpired using various options to output the data you are after. That would make it easier for you to explore it without connecting each time.

1 members found this post helpful.

take a look at OPs previous threads

they are all vague and frankly just a waste of time.

ask for clear goal or go down the rabbit hole.

Sometimes we do these mistakes. No problem. (:

If i can use my operating system libraries or its functions to log the closed client, that would be good, i think.

With wireshark, i saw a few lines communicating my IP with server's, and some data associated to it. Inside this data, the command name was written clearly. But around it, there was just binary data that made no sense to me. This is why i called it raw. And this is why i imagined that a higher level logging would be possible, since we know the protocol in use is telnet.

Looking at wireshark's "Help > about", i see it uses Qt5. Do you know a way to change its theme to a dark one, *without* installing KDE? That would completely solve the issue of using it, as it runs now in my Debian with Mate Desktop dark theme.

Can wireshark be used to filter the network data of a single process? If wireshark cannot, but a command can, which would that be? My computer is network active basically all the time: email accounts opened with Thunderbird; autorefreshing a couple of pages; eventual streaming music; XMPP; Telegram; ... . I tried to search for these things last week, but i could not find a clear answer. And there was too much noise in my searches results.