1823920 Members
3095 Online
109667 Solutions
New Discussion юеВ

Disabling tftp

 
SOLVED
Go to solution

Disabling tftp

Hi all,

I have a problem with disabling tftp service.
I removed tftp user from the system, then commented tftp line in /etc/inetd.conf file and after all rereaded configuration (inetd -c). I got in syslog entry:

May 26 10:18:38 X inetd[2382]: tftp/udp: Deleted service

The thing is that when I tftp from another server to that blocked server and then I use 'status' command I get:

Connected to 192.168.10.X.
Mode: netascii Verbose: off Tracing: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds

On that blocked server I don't see any tftp daemon started.

What could be the reason of that behaviour? Is tftp disabled or not?

Regards,
Michal
7 REPLIES 7
Suraj K Sankari
Honored Contributor

Re: Disabling tftp

Hi,
>>Is tftp disabled or not?

After getting the prompt are you able to login into the server? did you tried to login ?

Did you checked /var/adm/inetd.sec ?

Suraj

Re: Disabling tftp

Suraj,

what do you mean by login in tftp?

I don't have inetd.sec file.

ls -l /var/adm/inetd.sec
/var/adm/inetd.sec not found

Regards,
Michal
johnsonpk
Honored Contributor
Solution

Re: Disabling tftp

Hi Michael,

Connected to 192.168.10.X.
Mode: netascii Verbose: off Tracing: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds

This would be a normal behaviour ,Could you try to down load some file (eg:/opt/ignite/boot/nbp.efi) ?

In TFTP any transfer begins with a request to read or write a file, which also serves to request a connection and includes "NO LOGIN "or access control mechanisms.


From Man tftp "Unlike FTP protocol ,TFTP doesn't maintain connections between transfers.thus the connect command does not actually create a connection but merely remebers what host is to be used for transfer"

Thanks!!
Johnson


Steven E. Protter
Exalted Contributor

Re: Disabling tftp

Shalom,

Check list:

inetd.conf configuration
inetd.sec block configuration
TCP Wrapper if installed limitations
/etc/services modifications.

Permission on the home directory of the tftp user. It must own the files there or the daemon will not start.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
TTr
Honored Contributor

Re: Disabling tftp

> Connected to 192.168.10.X.

Ensure that you are connecting to the "blocked" server. (it has happened to each one of us!)

While tftp-ing from the "another" server, login to the "blocked" server and check the process listing with the ps command and look for any tftp processes. Also check if anything is listening to the tftp port with the "netstat -a" command, (tftp service or port 69).

Check inetd.conf in its entirety. Your original tftp entry may be commented out but there could be another entry somewhere else in the file.

Finally tftp may have been started outside inetd by some other software you may have installed, (netstst -a should show it).
johnsonpk
Honored Contributor

Re: Disabling tftp

Hi Michal,

See below ..I tried to do a TFTp to no existent server(1.1.1.1) and it simply says connected.

# tftp 1.1.1.1
tftp> status
Connected to 1.1.1.1.
Mode: netascii Verbose: off Tracing: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp>


Thanks !!
Johnson

Re: Disabling tftp

Thanks all for answers.

I believe Johnson was right.

Best regards!
Michal