HPE Community
Operating System - HP-UX
1834903 Members
2721 Online
110071 Solutions
New Discussion

Telnet hostname displayed

 
SOLVED
Go to solution
Mark Killen
Occasional Advisor

‎03-23-2006 07:00 AM

‎03-23-2006 07:00 AM

Telnet hostname displayed

Hello, does anyone know how to turn off the display of the messages "trying 111.111.111.111 ..." and "Connected to hostname.dont.display (111.111.111.111)" when you telnet to a server. I know it does not appear in ssh but for now we are only have cutover to ssh and there will be some that never switch. I do not want the ip and hostname displayed in when connecting via telnet. I have done some searching but have not found how to shut it off. If there is an answer please let me know.
life is too short to work so long
0 Kudos
Reply
7 REPLIES 7
Steven E. Protter
Exalted Contributor

‎03-23-2006 07:06 AM

‎03-23-2006 07:06 AM

Re: Telnet hostname displayed

Shalom Killen,

If you are concerned about hostname display for security reasons, consider turning off telnet altogether.

Here are some guides on how to make it display:

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=194483

http://docs.hp.com/hpux/pdf/B2355-90148.pdf

This is good, because it shows how to make it display, hopefully providing the path to making it stop.
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=978006


These guides will hopefully tell you how to do the reverse, since my search turned up nothing.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Senthil Prabu.S_1
Trusted Contributor

‎03-23-2006 05:02 PM

‎03-23-2006 05:02 PM

Re: Telnet hostname displayed

Hi,


f you want to remove the pre-login text, just modify /etc/inetd.conf and add the -h option for telnetd. Here's what that line looks like on my 3.2-RELEASE test box:

telnet stream tcp nowait root /usr/libexec/telnetd telnetd -h

And from man telnetd you find this:

-h Disable the printing of host-specific information before login
has been completed.

Remember to HUP inetd to invoke these changes.


HTH,
Prabu.S
One man's "magic" is another man's engineering. "Supernatural" is a null word.
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎03-23-2006 05:18 PM

‎03-23-2006 05:18 PM

Re: Telnet hostname displayed

Try to use empty banner file like,

# touch /etc/emptrybanner
# chown bin:bin /etc/emptybanner

Edit /etc/inetd.conf file as,

telnet stream tcp6 nowait root /usr/lbin/telnetd -b /etc/emptybanner

which will not send hostname and ip-address informations.

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Reply
rariasn
Honored Contributor

‎03-23-2006 11:59 PM

‎03-23-2006 11:59 PM

Re: Telnet hostname displayed

Hi Mark,

$ grep -i telnet /etc/inetd.conf

telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue

$ ll /etc/issue

-r--r--r-- 1 bin bin 0 Nov 24 07:59 /etc/issue

rgs,

ran
0 Kudos
Reply
Mark Killen
Occasional Advisor

‎03-24-2006 12:45 AM

‎03-24-2006 12:45 AM

Re: Telnet hostname displayed

Thanks but none of the info provided has worked. I will add more information, I am running HPUX 11.11 and 11.23 the -h is not valid for that telnet (looks like it will work on linux). The /etc/issue blank out removes host info once connected, but I was trying was not to show the info between the telnet command and the actual connection. That is where it shows the hostname and ip address, before you get the Login: prompt.
life is too short to work so long
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

‎03-24-2006 01:43 AM

‎03-24-2006 01:43 AM

Solution

Re: Telnet hostname displayed

Those messages are printed by the telnet _client_.

Those messages don't really tell the user anything the user would not be able to find out in other ways.

If the user enters the command "telnet somehost", the message "trying 123.456.789.012..." just reveals the IP address: the user could just as well find this out by entering the command "nslookup somehost".

The next message "Connected to somehost.dont.display (123.456.789.012)" just repeats the (full) hostname and the IP address together. If the full hostname is not the same as the one user entered, there may be several names associated with the IP address. That can be fixed only by changing the DNS names.

The only sure way to remove those messages would be to compile a customized telnet client. Most standard telnet clients print out those messages: you'd have to edit the source code to disable the messages.

Even then, users that can bring their own telnet binary to the system and run it to see the messages: running a telnet client does not require any special privileges, unless you're running a special OS like HP-UX 11.04 VirtualVault.

Besides, those messages are actually useful when diagnosing connection problems:

- if the connection hangs with no message at all, it is very likely a problem in resolving the server IP address

- if the connection hangs after the "trying " message, you can verify the name was resolved to the correct IP address: the connection hanging at this point suggests that the server is not answering at all, or that a firewall blocks the connection between the server and the client

- if the connection hangs after "Connected to..." message, you know the communication between the client and the server works (the TCP three-way handshake was successfully completed) but the server just does not answer for some reason.
MK
Reply
Mark Killen
Occasional Advisor

‎03-24-2006 02:00 AM

‎03-24-2006 02:00 AM

Re: Telnet hostname displayed

Thanks Matti that make sense to me now. will also help in my explaination to the security team.
life is too short to work so long
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.