Read more
- Community Home
- >
- Servers and Operating Systems
- >
- Operating System - HP-UX
- >
- System Administration
- >
- syslog: telnetd[16980]: getmsg error :no data ()
-
-
Categories
- Topics
- Hybrid IT with Cloud
- Mobile & IoT
- IT for Data & Analytics
- Transformation
- Strategy and Technology
- Products
- Cloud
- Integrated Systems
- Networking
- Servers and Operating Systems
- Services
- Storage
- Company
- Events
- Partner Solutions and Certifications
- Welcome
- Welcome
- Announcements
- Tips and Tricks
- Feedback
-
Blogs
- Alliances
- Around the Storage Block
- Behind the scenes @ Labs
- Converged Data Center Infrastructure
- Digital Transformation
- Grounded in the Cloud
- HPE Careers
- HPE Storage Tech Insiders
- Infrastructure Insights
- Inspiring Progress
- Internet of Things (IoT)
- My Learning Certification
- Networking
- OEM Solutions
- Servers: The Right Compute
- Telecom IQ
- Transforming IT
-
Quick Links
- Community
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Contact
- Email us
- Tell us what you think
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Enterprise.nxt
- Marketplace
- Aruba Airheads Community
-
Categories
-
Forums
-
Blogs
-
InformationEnglish
syslog: telnetd[16980]: getmsg error :no data ()
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-01-2013 07:47 PM
04-01-2013 07:47 PM
syslog: telnetd[16980]: getmsg error :no data ()
syslog: telnetd[16980]: getmsg error :no data ()
Hi All,
I've got this message today from server HP 11
can anyone explain why this alert occured?
many thanks..
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-02-2013 02:51 AM
04-02-2013 02:51 AM
Re: syslog: telnetd[16980]: getmsg error :no data ()
Re: syslog: telnetd[16980]: getmsg error :no data ()
This looks like a "debugging" style error message, intended more for the telnetd developers than for the sysadmin.
In general, when you see an error message that looks like:
<program name>[<PID>]: <unknown_name> error: <error description>
... then the <unknown_name> part is usually one of three things:
- the name of a function that is built in to the program
- the name of a standard library function
- the name of a system call
If you run "man <unknown_name>" and it returns a man page of section 2, it is a system call; if it returns a man page of section 3, it is a library function. In both of those cases, the next step is to read the description of the function/system call in order to understand what it is trying to do, then skip to the ERRORS section of the man page to see the descriptions of possible errors. The descriptions on the man page can often be more verbose and helpful than the terse one-line log messages.
If "man <unknown_name>" produces no results, then <unknown_name> is probably an internal function of <program_name>, and the only way you can know more is by viewing the source code of the program or by contacting the people responsible for the support for that program. (In the case of HP-UX telnetd, that would have meant opening a support call to HP.)
But in your situation, "man getmsg" will give you a getmsg(2) man page. However, none of the listed error codes nor their descriptions seem to be a good match to the "no data" error message.
Everything after this point is just an "educated guess" by me:
According to the getmsg(2) man page, this is about STREAMS-based files. This is probably the mechanism inetd uses to hand over the data of incoming connections to telnetd. According to the man page, a STREAMS message has a control part and a data part. "No data" would mean that the message had no data part at all, while telnetd expected at least some data.
The next problem is, what might have caused that?
My first guess would be that your system has been port-scanned, causing inetd to register an incoming connection to the telnetd port. But as the purpose of the connection was just to detect that the telnet service exists on your system, the connection was closed (or was not even fully established in the first place) without exchanging any data at all.
To confirm this theory, you would need to find a test server that has telnetd enabled and the same patch level as the server that produced the log message, port-scan it using several different methods, and see if it causes a similar messages to be logged. (If you are using a tool like nmap for port scans, you should know that only TCP-type port scans are relevant with telnetd.)
Another possible cause is a network monitoring system that periodically tests the availability of the telnetd service on your server. But if that was the case, messages like this might occur regularly and you would probably know that the message started to appear exactly when the monitoring system was installed and/or configured to monitor your server.
The worst possibility is that your server is being attacked, and this message is a result of the attacker abusing the telnet protocol in some unexpected way, causing telnetd to log a debugging-style error message.
You might want to check the patch level of your server: as port-scanning and network-based monitoring is becoming more common, operating systems are sometimes patched to handle port-scans better. If your system is not up to date, updating it might make the error message more understandable or remove it altogether.
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2018 Hewlett Packard Enterprise Development LP