Re: WEIRD: telnet
On Sun, Feb 13, 2005 at 04:13:27PM +0100, Anthony Atkielski wrote: Colin J. Raven writes: 1. Unless you *must* use telnet for some reason, it's a good idea to turn it off. Telnet is port 23; this is port 61 (NI-MAIL, whatever that is). Whoever answers will be whatever program is listening on port 61, but it won't be a standard telnet daemon. -- Anthony I think it's important to note that tcp port 23 is not telnetd, and telnetd is not tcp port 23. By convention telnetd uses this port, but it's an arbitrary relationship. I'm not attempting to discredit anyone's theories as to what the OP was actually trying to do, but just for the record telnetd could potentially be running on _any_ port. I only mention this to point out that the statement above may not be correct in all configurations i.e. telnetd could be listing on tcp port 61, though it's highly unlikely. Nathan pgpedu9IYQuZN.pgp Description: PGP signature
Re: WEIRD: telnet
Fafa Diliha Romanova writes: what's with this badly written error message? # telnet localhost:61 localhost:21: hostname nor servname provided, or not known Replace the colon with a space in the command line. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Anthony Atkielski wrote: Fafa Diliha Romanova writes: what's with this badly written error message? # telnet localhost:61 localhost:21: hostname nor servname provided, or not known Replace the colon with a space in the command line. Agreed - however, rethink using Telnet in favor of ssh. -- Best regards, Chris Left to themselves, all things go from bad to worse. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
On Feb 13 at 09:53, Fafa Diliha Romanova ASKED: what's with this badly written error message? # telnet localhost:61 localhost:21: hostname nor servname provided, or not known have somebody compromised my telnet maybe? No, the syntax is incorrect telnet hostname [space] port_number so in this case: telnet localhost 61 Some tangential observations: 1. Unless you *must* use telnet for some reason, it's a good idea to turn it off. 2. Please tell us that - in the example above - you weren't telnet'ing as root? I see it was to locahost...but even so that's not a great practice. Regards HTH, -Colin -- Colin J. Raven FreeBSD 5.3-RELEASE - http://www.FreeBSD.org - There can be only One Sun Feb 13 16:04:00 CET 2005 4:04PM up 1 day, 21:19, 9 users, load averages: 0.01, 0.00, 0.00 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Chris writes: Agreed - however, rethink using Telnet in favor of ssh. I don't see how SSH would help when using telnet to connect to arbitrary ports. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Colin J. Raven writes: 1. Unless you *must* use telnet for some reason, it's a good idea to turn it off. Telnet is port 23; this is port 61 (NI-MAIL, whatever that is). Whoever answers will be whatever program is listening on port 61, but it won't be a standard telnet daemon. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Anthony Atkielski wrote: Chris writes: Agreed - however, rethink using Telnet in favor of ssh. I don't see how SSH would help when using telnet to connect to arbitrary ports. Leaving the ports issue out of it (or not) we need to tell him why Telnet is not a good thing... And that would be, Telnet passes clear text whereas ssh does not. Assuming he's setting up telnet on his device. Perhaps the user is just ignorant to what ssh is. -- Best regards, Chris There's never time to do it right, but there's always time to do it over. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Chris writes: Leaving the ports issue out of it (or not) we need to tell him why Telnet is not a good thing... And that would be, Telnet passes clear text whereas ssh does not. How can he test something on port 61 without telnet? ssh requires its own port, and since it is a complex protocol, it cannot connect to just any port as telnet can. Additionally, the danger is in telnetd daemons, not in telnet clients, and the client is what is being used here. Assuming he's setting up telnet on his device. Perhaps the user is just ignorant to what ssh is. There's no danger in setting up a telnet client. I routinely use the client to check that services are listening on key ports, such as smtp or pop3 or http. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
On Sunday 13 February 2005 09:53 am, Fafa Diliha Romanova wrote: what's with this badly written error message? # telnet localhost:61 localhost:21: hostname nor servname provided, or not known It means it tried to look up localhost:61 and couldn't make sense out of it. I believe servname is intended to mean service name, i.e. the port number or name. have somebody compromised my telnet maybe? No. The correct syntax is telnet localhost 61 or telnet localhost ni-mail where ni-mail is the name of the service that is officially registered to run on port 61. man telnet might also be informative. - Bob thanks, fafa ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Anthony Atkielski wrote: Chris writes: Leaving the ports issue out of it (or not) we need to tell him why Telnet is not a good thing... And that would be, Telnet passes clear text whereas ssh does not. How can he test something on port 61 without telnet? ssh requires its own port, and since it is a complex protocol, it cannot connect to just any port as telnet can. Additionally, the danger is in telnetd daemons, not in telnet clients, and the client is what is being used here. Assuming he's setting up telnet on his device. Perhaps the user is just ignorant to what ssh is. There's no danger in setting up a telnet client. I routinely use the client to check that services are listening on key ports, such as smtp or pop3 or http. I think we're both assuming what the user is doing and the reasons as to why. Let's just agree that: 1. Telnet can use any ports providing the user redirects. 2. Telnet passes clear text no matter what. 3. ssh ought to be used to replace Telnet whenever possible. 4. ssh also can be made to work with any port other then 22 -- Best regards, Chris It is easier to get forgiveness than permission. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Chris writes: I think we're both assuming what the user is doing and the reasons as to why. Let's just agree that: 1. Telnet can use any ports providing the user redirects. 2. Telnet passes clear text no matter what. 3. ssh ought to be used to replace Telnet whenever possible. 4. ssh also can be made to work with any port other then 22 %ssh -p 21 localhost ssh: connect to host localhost.atkielski.com port 21: Connection refused % Telnet uses a protocol that is identical to many other protocols apart from the text of the messages exchanged. SSH requires a specific handshaking sequence that other services on arbitrary ports do not support. So if you want to test the SMTP port, or the POP3 port, or any one of quite a few other ports, you must use telnet. Additionally, there is no security advantage to using any other client in these cases, since these protocols are not intrinsically secured, and any protocols that are secured are unlikely to use the same security protocol as that used by SSH. SSH can be made to work using any port--provided that it is a standard SSH connection to a SSH service listening on the addressed port. That obviously won't be the case if one is testing other services. So the only situation in which telnet can really be replaced by SSH is for a standard login. Since the original poster is trying to connect to port 61, I assume he is using telnet to test the service on that port, and so SSH is irrelevant. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
On Sun, Feb 13, 2005 at 09:22:45AM -0600, Chris wrote: 2. Telnet passes clear text no matter what. Not in a Kerberos environment it doesn't, nor in an transport-mode IPsec environment. Related to that is connections where transport-level encryption typically doesn't matter: connecting over a cross-over cable is one example. 3. ssh ought to be used to replace Telnet whenever possible. s/whenever possible/where it makes sense/. -T -- 1. Get enough food to eat, and eat it. 2. Find a place to sleep where it is quiet, and sleep there. 3. Reduce intellectual and emotional noise until you arrive at the silence of yourself, and listen to it. 4. - Richard Brautigan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Anthony Atkielski wrote: *snip* Since the original poster is trying to connect to port 61, I assume he is using telnet to test the service on that port, and so SSH is irrelevant. Regardless of what you assume - the user didn't indicate the reasons for using telnet nor did he relay the reason(s) for the odd port. Don't assume - either you know, or you don't. In this case - neither of us knows. With that being said, I refuse to get into semantics. -- Best regards, Chris A fail-safe circuit will destroy others. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Sun, Feb 13, 2005 at 16:38:18, atkielski.anthony wrote about Re: WEIRD: telnet: 1. Telnet can use any ports providing the user redirects. 2. Telnet passes clear text no matter what. 3. ssh ought to be used to replace Telnet whenever possible. 4. ssh also can be made to work with any port other then 22 %ssh -p 21 localhost ssh: connect to host localhost.atkielski.com port 21: Connection refused % If I show screenshot with ssh'ing to port 443, will it be convincing? It is really production-using (there is a place where it is used to pass overrestricted firewall thru proxy server with authorization). Another department allows only connect to port 25 thru semi-secret SOCKS, so port 25 is also working at some host as SSH. Telnet uses a protocol that is identical to many other protocols apart from the text of the messages exchanged. SSH requires a specific handshaking sequence that other services on arbitrary ports do not support. So if you want to test the SMTP port, or the POP3 port, or any one of quite a few other ports, you must use telnet. Not current telnet, because it interprets 0xFF in wrong way. See bin/52032 Since the original poster is trying to connect to port 61, I assume he is using telnet to test the service on that port, and so SSH is irrelevant. It may be true or untrue. ;)) -netch- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
Valentin Nechayev writes: If I show screenshot with ssh'ing to port 443, will it be convincing? Yes. I'd like to see how it's done, if it can be done, although I'm still now sure how it would be useful. But I'd rather see it used to connect to ports like 25 or 80. Not current telnet, because it interprets 0xFF in wrong way. See bin/52032 I dunno. Works for me. Of course, all I ever do with it is check to see if sendmail or my Web server is answering, so it's not a long exchange. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WEIRD: telnet
* Colin J. Raven [EMAIL PROTECTED] [0205 15:05]: Some tangential observations: 1. Unless you *must* use telnet for some reason, it's a good idea to turn it off. This is a telnet client, how would you 'turn that off'. This is a very common way to test if a socket is listening, and there are no security issues with connecting to a socket on your own machine anyway. 2. Please tell us that - in the example above - you weren't telnet'ing as root? I see it was to locahost...but even so that's not a great practice. This makes no sense at all. Can we all stop knee-jerking at the word telnet? -- 'Aww, you know what always cheers me up? Laughing at other people's misfortunes.' -- Bender Rasputin :: Jack of All Trades - Master of Nuns ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]