On Fri, 5 Mar 1999, Mark A. Swope wrote:
> I can't find telnetd running anywhere
> though. What's allowing me to do this?
/etc/inetd.conf
>
> If I understand this correctly, inetd gets
> calls and forwards them to tcpd which
> is supposed to send them to the right
> port, correct? (sorry about the low-tech
> description).
inetd is listening on ports. Once a client connects to some of those
ports, telnet accepts the connection and runs a server, defined in
/etc/inetd.conf, with connection passed to it as stdin and stdout.
The server defined in /etc/inetd.conf is often tcpd, and it does some
initial checks/actions, then, if the checks are passed, it execs the rest of
its command line, still keeping stdin/stdout attached to whatever was
there.
The most common telnet entry in /etc/inetd.conf is:
telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.telnetd
So it runs tcpd that then runs in.telnetd. Without tcpd it will be:
telnet stream tcp nowait root /usr/sbin/in.telnetd
> I ran into this while trying to telnet
> in from another box on a local (3 computer)
> ethernet network. I can ping. I've got samba
> shares running so I can attach. I can FTP.
>
> However, when I telnet to the Linux box from my Win9x box
> a connection appears to be opened, then it closes before
> I get a prompt ("connection to host lost").
That means tcpd doesn't like what it sees. Most likely it can
backresolve its IP address to something, but when it tries to resolve that
name, it fails, or sees something other than its IP address.
/var/log/messages most likely contains some more or less intelligent
explanation of what exactly tcpd didn't like.
> I guess I have two questions:
> 1) what's running to allow a telnet in on my "localhost"
inetd, tcpd and in.telnetd
> 2) what can I modify to allow other boxen on my local net
> to log in?
1. The "right" way is to fix DNS, so your Windows box either doesn't
resolve at all, or its IP address resolves correctly, and /etc/hosts
doesn't conflict with DNS.
Like, if its address is 192.168.0.5, you should see:
/--
bash$ nslookup 192.168.0.5
Server: localhost
Address: 127.0.0.1
Name: evil.local-subnet.foo.com
Address: 192.168.0.5
bash$ nslookup evil.local-subnet.foo.com
Server: localhost
Address: 127.0.0.1
Name: evil.local-subnet.foo.com
Address: 192.168.0.5
bash$ fgrep 192.168.0.5 /etc/hosts
bash$
\--
...and then tcpd will not complain about it.
2. The "wrong" way is to remove tcpd from the telnet line in /etc/inetd.conf
and say
kill -HUP `cat /var/run/inetd.pid`
to restart inetd. Of course, that will significantly reduce the
reliability of the stuff you will get in logs (telnet connections will be
logged as whatever seems to be the backresolved hostname), and other
services that use tcpd still won't work.
--
Alex
----------------------------------------------------------------------
Excellent.. now give users the option to cut your hair you hippie!
-- Anonymous Coward
P.S. BTW ssh is much better than telnet for a whole lot of reasons.
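
Added example (not part of the original message, and not tcpd's own code): the two lookups from the nslookup session above, reverse then forward, automated so each client address gets a verdict. The function names, the tables, and every address and name other than 192.168.0.5 / evil.local-subnet.foo.com are constructed for illustration.

```python
import socket

def dns_reverse(ip):
    """PTR lookup via the system resolver: names reported for ip."""
    name, aliases, _ = socket.gethostbyaddr(ip)
    return [name] + aliases

def dns_forward(name):
    """A lookup via the system resolver: IPv4 addresses for name."""
    return socket.gethostbyname_ex(name)[2]

def check_client(ip, reverse=dns_reverse, forward=dns_forward):
    """Classify ip as 'ok', 'no-ptr', 'no-forward' or 'mismatch'."""
    try:
        names = reverse(ip)
    except OSError:              # herror/gaierror: no reverse record at all
        return "no-ptr"
    found_any = False
    for name in names:
        try:
            addrs = forward(name)
        except OSError:          # the name from the PTR does not resolve
            continue
        found_any = found_any or bool(addrs)
        if ip in addrs:          # name maps back to the connecting address
            return "ok"
    return "mismatch" if found_any else "no-forward"

# Constructed sample zone data (hypothetical, for offline runs).
PTR = {
    "192.168.0.5": ["evil.local-subnet.foo.com"],
    "192.168.0.6": ["stale.local-subnet.foo.com"],
    "192.168.0.7": ["ghost.local-subnet.foo.com"],
}
A = {
    "evil.local-subnet.foo.com": ["192.168.0.5"],
    "stale.local-subnet.foo.com": ["192.168.0.99"],
}

def table_lookup(table):
    """Build an offline resolver over a dict; a missing key fails like DNS."""
    def lookup(key):
        if key not in table:
            raise OSError("not found: " + key)
        return table[key]
    return lookup

def check_sample(ip):
    return check_client(ip, table_lookup(PTR), table_lookup(A))
```

Calling check_client("192.168.0.5") with no other arguments uses the system resolver; "no-forward" and "mismatch" are the two failure cases the message describes.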