Discussion:
problems with intrussion records and telnet
(too old to reply)
Juan C. Blanco
2007-11-14 19:40:58 UTC
Permalink
Hello, since our upgrade to Multinet 5.2 we are having problems with
local users that uses telnet to connect to the server can't login in.

After some test we see that a login fail from telnet creates an
intrussion record with a fix form of TELNET::::32.25.252.122: instead of
TELNET::IP-HEX:PORT which, I think, used to be, and yet is for FTP

This causes that a breaking evasion for a user blocks out any TELNET
login to the server

I supose that this is a bug, is that true?

Regard
Juan C. Blanco
--
+----------------------------------------------------------------+
| Juan C. Blanco |
| |
| Centro de Calculo | |
| Facultad de Informatica U.P.M. | E-mail: ***@fi.upm.es |
| Campus de Montegancedo | |
| Boadilla del Monte | Tel.: (+34) 91 336 7466 |
| 28660 MADRID (Spain) | Fax : (+34) 91 336 6913 |
+----------------------------------------------------------------+
Richard Whalen
2007-11-14 20:19:48 UTC
Permalink
Do you have MASTER_SERVER-020_A052 installed?

In MultiNet 5.2 Telnet, FTP and a few other services listen on IPv6
ports so that they can receive traffic from either IPv6 or IPv4 hosts.
The patch corrects problems with connects from IPv4 hosts.

Or are the connections originating from IPv6 hosts?

-----Original Message-----
From: Juan C. Blanco [mailto:***@fi.upm.es]
Sent: Wednesday, November 14, 2007 2:41 PM
To: info-***@process.com
Subject: problems with intrussion records and telnet

Hello, since our upgrade to Multinet 5.2 we are having problems with
local users that uses telnet to connect to the server can't login in.

After some test we see that a login fail from telnet creates an
intrussion record with a fix form of TELNET::::32.25.252.122: instead of
TELNET::IP-HEX:PORT which, I think, used to be, and yet is for FTP

This causes that a breaking evasion for a user blocks out any TELNET
login to the server

I supose that this is a bug, is that true?

Regard
Juan C. Blanco
--
+----------------------------------------------------------------+
| Juan C. Blanco |
| |
| Centro de Calculo | |
| Facultad de Informatica U.P.M. | E-mail: ***@fi.upm.es |
| Campus de Montegancedo | |
| Boadilla del Monte | Tel.: (+34) 91 336 7466 |
| 28660 MADRID (Spain) | Fax : (+34) 91 336 6913 |
+----------------------------------------------------------------+
Juan C. Blanco
2007-11-15 09:03:16 UTC
Permalink
Yes, we have this patch installed, and the last Kernel anx UCX driver.
The telnet sessions where initiated from IPV4 hosts

Regards
Juan C. Blanco
Post by Richard Whalen
Do you have MASTER_SERVER-020_A052 installed?
In MultiNet 5.2 Telnet, FTP and a few other services listen on IPv6
ports so that they can receive traffic from either IPv6 or IPv4 hosts.
The patch corrects problems with connects from IPv4 hosts.
Or are the connections originating from IPv6 hosts?
-----Original Message-----
Sent: Wednesday, November 14, 2007 2:41 PM
Subject: problems with intrussion records and telnet
Hello, since our upgrade to Multinet 5.2 we are having problems with
local users that uses telnet to connect to the server can't login in.
After some test we see that a login fail from telnet creates an
intrussion record with a fix form of TELNET::::32.25.252.122: instead of
TELNET::IP-HEX:PORT which, I think, used to be, and yet is for FTP
This causes that a breaking evasion for a user blocks out any TELNET
login to the server
I supose that this is a bug, is that true?
Regard
Juan C. Blanco
--
+----------------------------------------------------------------+
| Juan C. Blanco |
| |
| Centro de Calculo | |
| Facultad de Informatica U.P.M. | E-mail: ***@fi.upm.es |
| Campus de Montegancedo | |
| Boadilla del Monte | Tel.: (+34) 91 336 7466 |
| 28660 MADRID (Spain) | Fax : (+34) 91 336 6913 |
+----------------------------------------------------------------+
Loading...