[Xymon] xymon for AIX

John Langbein bigbandjohn at gmail.com
Wed May 25 01:49:53 CEST 2016 

This sounds like a firewall issue. Search for open poet firewall centos 7
and the command should come up. I just had the same issue.
On May 24, 2016 6:46 PM, "Jeremy Laidman" <jlaidman at rebel-it.com.au> wrote:

> On 25/05/2016 4:14 AM, "Wonder fo" <wonderfoo2 at gmail.com> wrote:
> >
> > Hi Jeremy,
> >
> > telnet is disabled by default on xymon server (running Centos 7.2.1511).
>
> As it should be, the telnet daemon is disabled. But not the telnet client.
> The centos should not allow anyone to connect to it, but shouldn't stop you
> connecting from it to other devices that use telnet.
>
> As an aside, telnet can be secured using kerberos.
>
> > Below is probably an expected output consider the security risk of clear
> text protocol ?
>
> Actually, no, it's not. Here, you are using the telnet command for
> something other than the telnet protocol. This is an old sysadmin trick.
> The telnet command primarily just connects to a TCP service, but that
> doesn't have to be the telnet service, it can be practically any TCP
> service. It might be a bit confusing at first, but it works; it's as if the
> command is really called "socket", and just happens to connect on the
> telnet port by default. But specify another service port, and you have a
> primitive tcp client for that other service. In fact people have even used
> telnet in place of a xymon client binary on systems where compiling or
> installing binaries is not possible.
>
> For kicks, try using it to connect to the ssh port on the Centos server,
> from itself.
>
> # telnet 127.1 22
>
> If you run an ssh service on the Centos server, then the above command
> will successfully connect, and also give you an ssh protocol banner. (To
> disconnect, press ctrl-] and type quit.)
>
> Here, we are using telnet like netcat (aka nc). Netcat is a generic socket
> connection tool that is much more flexible than the telnet client, but
> telnet is more universally available, which is why it's so popular as a
> socket test tool in the sysadmin's toolbox.
>
> >  # telnet 172.31.2.131 1984
> > Trying...
>
> This should say "connected" almost instantly. The fact that it says
> neither "connected" nor "refused" tells me that there's a firewall dropping
> packets. As you say, there's no firewall between the client and server. So
> the most likely cause is a firewall /on/ the client or server. That would
> be something like iptables (technically called netfilter) on the Centos
> Xymon server, restricting incoming connections on port 1984, or something
> like TCP/IP filters on the AIX Xymon client, restricting outbound
> connections. Try running "iptables-save" on the Xymon server to see if
> there are rules defined; try running "lsfilt" on the Xymon client to see if
> there are rules defined.
>
> Cheers
> Jeremy
>
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20160524/bd57d029/attachment.html>

More information about the Xymon mailing list