UGN Security

Telnet Server

Posted By: Skull

Telnet Server - 10/21/02 05:20 PM

Since i've installed telnet on my linux mandrake machine its worked perfectly. But when i went to try to log in today i found that it was refusing connections. So i did the normal, checked the firewall, made sure it was still installed as a server and everything, but to no luck. When i went to my deamons/services menu to make sure it was running, it wasn't there. Everything else that should be just not my telnet server. So i figured mabye the install was currupt or something so i went and uninstalled it, and reinstalled it. Install went well, no problems occured, go back to services menu, and still no telnet. Has anybody ever expirenced this type of problem before and if so how was it fixed.


Posted By: ReverendNinjaSox

Re: Telnet Server - 10/21/02 06:12 PM

Well. First off. You don't want to be running telnet.
Second of. Make sure you have a in.telnetd. That is the name of the server binary. After that. You are going to want to run telnet from xinetd or just inetd. Depending on which Mandrake uses. Let me know which you have and I'll show you how to set it up.
Posted By: ReverendNinjaSox

Re: Telnet Server - 10/21/02 06:17 PM

Oh. I suppose I should go into why you shouldn't use telnet. Also, listing an alternative. Ok. The reason you don't want to use telnet is because it sends data over the network completely unencrypted. All you would need is someone sitting around sniffing your network and blammo. One lost password. What you want to run, which is probably already running, is ssh. If you need a program to connect to your SSH Server from Windows. Go to and then go to downloads and download their Win SSH Program. Very nice. SSH though, encrypts the data that is transmitted through it so that you don't have to worry about people sniffing your connection. Also, you can transfer files through SSH and many other fun things.
Posted By: hKzKnight

Re: Telnet Server - 10/21/02 08:09 PM

It is true for the most part about telnet. You should not be having this problem. Never know, you could have forgetten where you put it. Or even if it seemed to install correctly, it didn't didn't. There are several made telnets out there, java, perl, c++... Go search em out and d/l a new one. I got a Java telenet, which worked fine, for my uh uses.
Posted By: Skull

Re: Telnet Server - 10/21/02 11:07 PM

I use telnet because it is convient and comes default with windows, I would use ssh but i am unable to install it on my school computers with out going through the effort of disabling their security, and i just don't have time to do that to each one of their computers. I realize that it is a big security hole, and don't care all that much... If ssh came standard on windows i'd use it instead.
Also it is a telnet server, not a client. And it has worked for about a year till i tryed to log in via that today, which it didn't work.

Posted By: sinetific

Re: Telnet Server - 10/21/02 11:52 PM

I carry putty with me on a floppy at school. It doesent matter what kind of security they have unless they dont allow you to run programs and use the floppy drives. No need to install anything just run the .exe. If i forget my floppy ill just download it to the computer im on and run it.

Hkz those are clients your refering to. Im certain skull is refering to the telnet deamon or server or telnetd what ever you wanna call it.
Posted By: hKzKnight

Re: Telnet Server - 10/22/02 12:42 AM

Ahh yes you are right, sorry didn't read that detail. Was working late. Well wait it out skull, it might actully just be the server is down. If not check that the port and term type are correct, maybe you did something. Never know. Nice idea sin, I carry all sorts of disks on me, got a floppy Unix (like a hundred) on disk, put that in the school pcs. Anway... Let us know skull.
Posted By: ReverendNinjaSox

Re: Telnet Server - 10/22/02 04:17 PM

I'd imagine he'd have known if the server was "down" considering, well, that it was HIS server in the first place. Lets see. Skull, since you have decided to go ahead and stick to unsecure connections, which is Ok so long as you don't care about your boxes security, then if you are using RedHat 7.1 or later. Type /sbin/service xinetd start. Then try connecting. If that doesn't work. Do an ls /etc/xinetd.d/. If there is a file in there called telnet. Open it up. vi /etc/xinetd.d/telnet. Look at the file. Does it by chance say "disable = yes"? If so. Change that to "disable = no". Then try telneting. Guaranteed success. This will probably work for Mandrake and SuSE as well. The default location of the in.telnetd executable by the way is /usr/sbin/in.telnetd. Here is what my /etc/xinetd.d/telnet file looks like. Feel free to create the file if it doesn't already exist. (So long as you have an /etc/xinetd.d directory.)

service telnet
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        disable         = yes
Just put that in the directory and everything will work. Considering you change disable on over to no. Oh. Also. Do a /sbin/chkconfig --list. Make sure xinetd is listed as on in run levels 3, 4, and 5. If they aren't. Do a /sbin/chkconfig --level 345 xinetd on. If that doesn't work. Do --levels. Can't remember off the top of my head which one it is. Well. That should explain a lot maybe. Let me know. Oh yes. Another thing. To check to see whether you have the telnet server even installed. If you are using a rpm based distribution, do this rpm -qa | grep telnet-server. This should pop up a response. If you don't get anything from that. Install the damned thing. This should be it. If you need any more info, feel free to let me know.
Posted By: Skull

Re: Telnet Server - 10/24/02 06:27 PM

Finally an intellegent responce from someone who actually read the post, i'll give those things a try, and get back to ya. And yes, i do realize that telnet is like going outside and yelling my passworld to the world, and at the moment convience is more important then security, eventually i'm sure i'll make the switch but am well, to lazy at the current time.


Posted By: ReverendNinjaSox

Re: Telnet Server - 10/24/02 07:16 PM

I mentioned this post to Energy, when he read it he said to me "You should have told him about TCP Wrappers". Which had completely slipped my mind. Set up tcp wrappers and you'll be a little safer then you would have normally been.

If you aren't sure what tcp wrappers are, they are the /etc/hosts.deny and /etc/hosts.allow file. In /etc/hosts.deny I'd put in ALL: ALL. In the /etc/hosts.allow file I'd put in in.telnetd:IP.ADD.RE.SS that you'll be coming from at school. If you don't know the full thing or if it's subject to change, you can just put the first 3 octects in there. IE. As opposed to, you could put 127.0.0. That would work. Also, you'd need to give permission for any other services you wanted to log into. Such as ftp or mailserver or anything. Or, if you want to be lazy about it. In hosts.deny just put in in.telnetd: ALL.
The way it is read is the first part is the service and the second part is "Who can access this" or "Who is blocked from this". It reads the hosts.deny file first too. Then any rules in hosts.allow overwrite the hosts.deny rules. I hope that made some semblance of sense. If not, let me know and I'll clarify.
Posted By: hKzKnight

Re: Telnet Server - 10/25/02 12:59 AM

Some lil info (future refrence etc, tcp wrappers)

Probably TCP Wrappers and the old "double reverse lookup problem." Try adding an entry in /etc/hosts to refer back to your client(s) and make sure that your /etc/nsswitch.conf and /etc/hosts.conf are configured to honor "files" over DNS and NIS.

On Linux systems the /etc/inetd.conf is usually configured to run most programs under an access control and logging utility called "TCP Wrappers"
(/usr/sbin/tcpd). That utility refers to a couple of configuration files (/etc/hosts.allow, and /etc/hosts.deny) and it does some "paranoid" consistency checking to try and ensure that the client "is who he claims to be." The specifics of this paranoid checking are referred to as a "double reverse DNS lookup."

Linux uses a modular name services resolution system. Newer versions of Linux use the /etc/nsswitch.conf files to control the list of name services that are used for each name space (users/accounts, groups, hosts and networks, services, mail aliases, file server maps, etc). In most cases you wouldn't have to modify the nsswitch.conf to make it look at the /etc/hosts file. In other cases you might

other sites of refrence

Perl's NET::Telnet and NET::Telnet::CISCO modules may have what you're looking for. Check

(please watch what neg [censored] you say)
Posted By: Skull

Re: Telnet Server - 10/25/02 04:08 AM

Cheers good fellows, I got it up and running again. Thank you for the info specially on the TCP Wrappers, i'll have to go do some research to further the extent of my knowlege on em, but i got a few tests done using the hosts.deny and my windows machine, and everything seems to be working


© 2018 UGN Security Forum