Date:      Wed, 11 Aug 2004 11:36:45 -0700
From:      "Network Admin" <netadmin@barton.ca>
To:        <freebsd-cvsweb@FreeBSD.org>
Subject:   Curious action
Message-ID:  <000801c47fd2$28f8a4e0$6751190a@BARTON000242>

Xinetd version: xinetd-2.1.8.9pre14-5mdk

Recently I was demonstrating how easy it was to disable a service using
xinetd.  The service I picked was telnet.  I added "disabled = yes" to
the telnet definition in the xinetd.d directory and then restarted
xinetd so the changes took effect.

The next time I tried to connect, the server gave me the "refused
connection" message as expected.  However, shortly after the first
attempt, I tried it again and presto, up came the login prompt.  I did a
netstat on the server and there was port 23 listed as open.

I once again restarted xinetd and immediately checked for port 23 but it
was nowhere to be seen.  I then tried connecting three times in a row
and each time I got the "refused connection" message. "Ah-hah", I
thought, "that fixed it!"  However, after waiting for a few minutes, I
once more tried to connect and up came the login prompt again.

Very curious!

My next move was to completely remove the definition from the xinetd.d
directory.  This time the telnet service stayed dead.

I waited 1/2 hour and tried again and the telnet session was still dead.

I moved the telnet definition file back into the xinetd.d directory,
restarted xinetd and tried again.  Still dead.

Waited 5 minutes and tried again and presto, like magic it was back
again.  "Talk about reliability!!!!"

My solution is to just remove the definition for the time being.
Possibly upgrading to the latest version of xinetd will resolve this
glitch.  If not, at least someone will know about it and possibly
correct it in a later version.

My telnet definition file looks like this:

service telnet
{
        flags = REUSE
        log_on_failure += USERID
        socket_type = stream
        user = root
        server = /usr/sbin/in.telnetd
        wait = no
        only_from = 10.25.0.0/16
        disable = Yes
}


Ken Smith
Network Engineer
Barton Insurance Brokers Ltd
TEL:(604)703-7056
FAX (604)703-7099
ksmith@barton.ca

"FAILURE is not an option ... it's built in to all MicroSoft products!"



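Added example, not part of the original message: a Python check that parses an xinetd.d definition and reports any service marked "disable = yes" whose port still shows up in LISTEN state, which is the symptom described above. The netstat lines and the PORTS table are constructed assumptions, and the function names are hypothetical.

```python
import re

# Telnet definition as posted in the message above.
XINETD_TELNET = """\
service telnet
{
        flags = REUSE
        log_on_failure += USERID
        socket_type = stream
        user = root
        server = /usr/sbin/in.telnetd
        wait = no
        only_from = 10.25.0.0/16
        disable = Yes
}
"""
# Constructed sample in Linux `netstat -tln` layout; not output from the poster's server.
NETSTAT_SAMPLE = """\
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
"""
PORTS = {"telnet": 23}  # assumed name-to-port table; 23 is the port named in the message
ASSIGN = re.compile(r"^(\w+)\s*(\+=|-=|=)\s*(.*)$")

def parse_services(text):
    """Return {service: {attribute: value}} from xinetd.d-style text."""
    services, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("service "):
            current = services.setdefault(line.split()[1], {})
        elif line == "}":
            current = None
        elif current is not None and (m := ASSIGN.match(line)):
            current[m.group(1)] = m.group(3).strip()
    return services

def listening_ports(netstat_text):
    """TCP ports in LISTEN state, taken from the local-address column."""
    rows = (l.split() for l in netstat_text.splitlines() if "LISTEN" in l)
    return {int(f[3].rsplit(":", 1)[1]) for f in rows}

def disabled_but_listening(xinetd_text, netstat_text):
    """(service, port) pairs marked 'disable = yes' whose port is still open."""
    open_ports = listening_ports(netstat_text)
    hits = []
    for name, attrs in parse_services(xinetd_text).items():
        # Assumption: yes/no is matched case-insensitively, as the posted "Yes" implies.
        disabled = attrs.get("disable", "no").lower() == "yes"
        port = int(attrs.get("port", PORTS.get(name, 0)))
        if disabled and port in open_ports:
            hits.append((name, port))
    return hits

print(disabled_but_listening(XINETD_TELNET, NETSTAT_SAMPLE))
```

Run on a schedule against live netstat output, a check like this would catch the delayed reappearance described in the message, which a single test right after the restart missed.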