Re: Telnet and VNC

Subject: Re: Telnet and VNC
From: Darron Froese (
Date: Thu Dec 30 1999 - 10:22:54 MST

on 12/30/99 9:47 AM, Weston Houghton at wrote:

> Ok, this makes sense to me, and was one of the first things I checked, but
> merely uncommenting the line in inetd.conf and restarting the box did not
> get it started, did I miss something else?

Telnet will not actually start - it's started from the inetd daemon which
means that it will only start when it senses a connection to port 23 - the
telnet port. It only runs when it's needed - it's not like apache or
sendmail which is always running at least a minimum number of daemons.

A couple of things to check:

1. Make sure that there are no spaces before the first character on the

# These are standard services.
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd <- OK

# These are standard services.
 telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd <- NOT

2. You will know if you have telnet ready to go if you do this:

[darron@ans darron]$ netstat -a | grep "telnet"
tcp 0 0 *:telnet *:* LISTEN

If that second line doesn't show up - then telnet is not activated.

If something does show up and telnet is activated - you may have blocked
yourself from connecting with TCP_WRAPPERS.

The /etc/hosts.allow and /etc/hosts.deny files (the main configuration files
for TCP_WRAPPERS) are a way to control who gets access to what service on
your machine.

Short Explanation: When a connection comes in (that's covered by the
TCP_WRAPPERS) those files are checked. It reads hosts.allow to see if your
ip is on the lists and then it reads hosts.deny. Usually, your hosts.deny
file will have an ALL: ALL line in it. That means that ALL services are
denied to ALL ip address/ranges unless explicitly allowed in the hosts.allow

Here's an example of my files:

# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
# Allow my internal network to connect.
# Allow Bill's network to connect.
ALL: 555.555.555.555/
# Allow my work subnet access
ALL: 666.666.666.666/
# Allow ALL ssh traffic
sshd: ALL
# Allow all ftp traffic
ftpd: ALL

# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!


I hope that helped at all.

Good luck.


This archive was generated by hypermail 2a24 : Sun Jan 02 2000 - 12:12:59 MST