HPE Community
Operating System - HP-UX
1823913 Members
3506 Online
109667 Solutions
New Discussion юеВ

Disabling tftp

 
SOLVED
Go to solution
Micha┼В Wachowiak
Advisor

тАО05-26-2009 01:27 AM

тАО05-26-2009 01:27 AM

Disabling tftp

Hi all,

I have a problem with disabling tftp service.
I removed tftp user from the system, then commented tftp line in /etc/inetd.conf file and after all rereaded configuration (inetd -c). I got in syslog entry:

May 26 10:18:38 X inetd[2382]: tftp/udp: Deleted service

The thing is that when I tftp from another server to that blocked server and then I use 'status' command I get:

Connected to 192.168.10.X.
Mode: netascii Verbose: off Tracing: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds

On that blocked server I don't see any tftp daemon started.

What could be the reason of that behaviour? Is tftp disabled or not?

Regards,
Michal
0 Kudos
7 REPLIES 7
Suraj K Sankari
Honored Contributor

тАО05-26-2009 01:59 AM

тАО05-26-2009 01:59 AM

Re: Disabling tftp

Hi,
>>Is tftp disabled or not?

After getting the prompt are you able to login into the server? did you tried to login ?

Did you checked /var/adm/inetd.sec ?

Suraj
0 Kudos
Micha┼В Wachowiak
Advisor

тАО05-26-2009 02:05 AM

тАО05-26-2009 02:05 AM

Re: Disabling tftp

Suraj,

what do you mean by login in tftp?

I don't have inetd.sec file.

ls -l /var/adm/inetd.sec
/var/adm/inetd.sec not found

Regards,
Michal
0 Kudos
johnsonpk
Honored Contributor

тАО05-26-2009 03:56 AM

тАО05-26-2009 03:56 AM

Solution

Re: Disabling tftp

Hi Michael,

Connected to 192.168.10.X.
Mode: netascii Verbose: off Tracing: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds

This would be a normal behaviour ,Could you try to down load some file (eg:/opt/ignite/boot/nbp.efi) ?

In TFTP any transfer begins with a request to read or write a file, which also serves to request a connection and includes "NO LOGIN "or access control mechanisms.


From Man tftp "Unlike FTP protocol ,TFTP doesn't maintain connections between transfers.thus the connect command does not actually create a connection but merely remebers what host is to be used for transfer"

Thanks!!
Johnson


0 Kudos
Steven E. Protter
Exalted Contributor

тАО05-26-2009 04:02 AM

тАО05-26-2009 04:02 AM

Re: Disabling tftp

Shalom,

Check list:

inetd.conf configuration
inetd.sec block configuration
TCP Wrapper if installed limitations
/etc/services modifications.

Permission on the home directory of the tftp user. It must own the files there or the daemon will not start.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
TTr
Honored Contributor

тАО05-26-2009 04:24 AM

тАО05-26-2009 04:24 AM

Re: Disabling tftp

> Connected to 192.168.10.X.

Ensure that you are connecting to the "blocked" server. (it has happened to each one of us!)

While tftp-ing from the "another" server, login to the "blocked" server and check the process listing with the ps command and look for any tftp processes. Also check if anything is listening to the tftp port with the "netstat -a" command, (tftp service or port 69).

Check inetd.conf in its entirety. Your original tftp entry may be commented out but there could be another entry somewhere else in the file.

Finally tftp may have been started outside inetd by some other software you may have installed, (netstst -a should show it).
0 Kudos
johnsonpk
Honored Contributor

тАО05-26-2009 09:16 PM

тАО05-26-2009 09:16 PM

Re: Disabling tftp

Hi Michal,

See below ..I tried to do a TFTp to no existent server(1.1.1.1) and it simply says connected.

# tftp 1.1.1.1
tftp> status
Connected to 1.1.1.1.
Mode: netascii Verbose: off Tracing: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp>


Thanks !!
Johnson
0 Kudos
Micha┼В Wachowiak
Advisor

тАО05-27-2009 12:41 AM

тАО05-27-2009 12:41 AM

Re: Disabling tftp

Thanks all for answers.

I believe Johnson was right.

Best regards!
Michal
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.