[Xymon] xymon for AIX

Jeremy Laidman jlaidman at rebel-it.com.au
Wed May 25 01:46:33 CEST 2016 

On 25/05/2016 4:14 AM, "Wonder fo" <wonderfoo2 at gmail.com> wrote:
>
> Hi Jeremy,
>
> telnet is disabled by default on xymon server (running Centos 7.2.1511).

As it should be, the telnet daemon is disabled. But not the telnet client.
The centos should not allow anyone to connect to it, but shouldn't stop you
connecting from it to other devices that use telnet.

As an aside, telnet can be secured using kerberos.

> Below is probably an expected output consider the security risk of clear
text protocol ?

Actually, no, it's not. Here, you are using the telnet command for
something other than the telnet protocol. This is an old sysadmin trick.
The telnet command primarily just connects to a TCP service, but that
doesn't have to be the telnet service, it can be practically any TCP
service. It might be a bit confusing at first, but it works; it's as if the
command is really called "socket", and just happens to connect on the
telnet port by default. But specify another service port, and you have a
primitive tcp client for that other service. In fact people have even used
telnet in place of a xymon client binary on systems where compiling or
installing binaries is not possible.

For kicks, try using it to connect to the ssh port on the Centos server,
from itself.

# telnet 127.1 22

If you run an ssh service on the Centos server, then the above command will
successfully connect, and also give you an ssh protocol banner. (To
disconnect, press ctrl-] and type quit.)

Here, we are using telnet like netcat (aka nc). Netcat is a generic socket
connection tool that is much more flexible than the telnet client, but
telnet is more universally available, which is why it's so popular as a
socket test tool in the sysadmin's toolbox.

>  # telnet 172.31.2.131 1984
> Trying...

This should say "connected" almost instantly. The fact that it says neither
"connected" nor "refused" tells me that there's a firewall dropping
packets. As you say, there's no firewall between the client and server. So
the most likely cause is a firewall /on/ the client or server. That would
be something like iptables (technically called netfilter) on the Centos
Xymon server, restricting incoming connections on port 1984, or something
like TCP/IP filters on the AIX Xymon client, restricting outbound
connections. Try running "iptables-save" on the Xymon server to see if
there are rules defined; try running "lsfilt" on the Xymon client to see if
there are rules defined.

Cheers
Jeremy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20160525/9c7d9e1d/attachment.html>

More information about the Xymon mailing list