Networking Problems with Telnet

Pray tell: how do you use a telnet client without using a TCP server?

OK, fine.

[examples elided.]

You're examples demonstrate connecting to a _TCP_server_ which you said you didn't need...

--
Grant Edwards               grant.b.edwards        Yow! Now we can become 
                                  at               alcoholics! 
 Click to see the full signature
Reply to
Grant Edwards
Loading thread data ...

That is a different story - what do you think Microsoft is?

--

-TV
Reply to
Tauno Voipio

And as I already said in another post, I misread it as "Telnet server" not "TCP server" and I didn't even catch it on a re-read after posting.

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP 
Microsoft: Bringing you 1980s technology to a 21st century world
Reply to
Simon Clubley

Windows NT4 Telnet client contained the Start/Stop logging feature, which the XP/Win7 didn't. In order to use Telnet efficiently, you had to copy the NT4 Telnet to more recent Windows versions.

Reply to
upsidedown

There's always PuTTY. Sure, you have to download it.

--
Les Cargill
Reply to
Les Cargill

??? Of course they did: " set logging" toggles it on/off where defaults to Ctrl-] but is selectable with "set escape {char}" or using the -e option on the command line.

However, logging control does not work unless there is a logfile name set. You do that with "set logfile {name}" or using the -f option on the command line.

George

Reply to
George Neuner

Ok, I'm back to work on this issue and I read this page which seems to say Wireshark can't sniff local traffic. It refers you to RawCap which can sniff local traffic. I used RawCap on the loopback interface, IP address 127.0.0.1 and got a small pcap file which I tried viewing using Wireshark. It says there are *no* packets in this file. I used the command line "rawcap -s 60 3 test.pcap". Is this right? Is Wireshark not the right tool to use to view the pcap file? It seems to be binary when I dump it to the screen, so a text editor won't work.

--

Rick
Reply to
rickman

On 4/2/2014 1:11 PM, George Neuner wrote: ...snip... > Moreover, the OP has given very little information about the > environment: e.g., it still is unclear to me whether there even is > more than one host involved - it seems as though he is trying to make > a loopback connection to an application/service on the same host.

Sorry, I thought I had said it was a loopback with both programs running on the same PC. I know I mentioned that the program to monitor the network only seemed to have options for monitoring physical connections and some have said I should figure out how to enable monitoring loopback which I have not yet had time to do.

I am on a router which is connected to the Internet.

Yes, I am pretty sure I started this thread saying I have little knowledge of networking. Thanks to all for their help. I should get back to this later today.

I still seem to have problems remembering to use the "followup" button rather than the "reply" button in Thunderbird. I wonder if this is configurable.

--

Rick
Reply to
rickman

If I have time today I'll install rawcap and take a look. Wireshark should be able to view the pcap file unless it is not really a pcap. Did rawcap say anything about number of packets captured, etc?

You might try again but this time make sure and ping localhost while rawcap is running just to make sure it has something to capture. It could be that your apps are not even getting to the point that they try and talk to each other, thus no packets. You could also start rawcap and then just try and telnet localhost. You should at least see the initial syn packet and probably a ack/reset reply if there is no telnet server running.

Is there any way to run the 2 apps on different systems and have them talk through a lan interface? Can you configure them to listen/connect on different IP addresses? Might be easier to debug this problem if they use a real net interface.

--
Chisolm 
Republic of Texas
Reply to
Joe Chisolm

I started RawCap and in another command window did "ping localhost" RawCap said it got 4 packets and Wireshark was able to open and read the resulting pcap file. It may be that RawCap does not work with Win 8.

Try the test with ping and telnet to see if RawCap will even capture packets. If it does capture the telnet attempt but nothing from your app then your app is not getting to the point that it even tries to connect.

--
Chisolm 
Republic of Texas
Reply to
Joe Chisolm

Ok, when I try this with ping, Rawcap says it found 8 packets and Wireshark is able to display them. When I use Telnet or ExtraPutty with my custom app, Rawcap says it found 0 packets and Wireshark sees none in the capture file.

In all cases I see the expected messages in the allowed traffic list of the firewall and nothing related to this IP address in the blocked message list. I have verified that the Windows firewall is not enabled (at least it is reporting that it is not enabled) on both private and public (or whatever the two domains are called). I have a *lot* of interaction with the Sophos firewall with Windows 8 and I have never found a problem that would make me think there is any other program acting as a firewall.

--

Rick
Reply to
rickman

Can you telnet to another host? As Simon suggested: telnet to

formatting link
on port 80 ... if you do connect then press enter to get a response. If it works, you will see a page or so of html garbage and then the connection will close.

Does "netstat -a -b" show that your application is listening on the expected port? Note that the executable name will be in square brackets on a separate line beneath the port information.

George

Reply to
George Neuner

or just run Wireshark on the same Windows endpoint, listening to the ethernet interface.

True, that.

Reply to
Przemek Klosowski

You will also have to enter the initial GET command after you connect, or at least I have always had to. If telnet connects to

formatting link
then enter the following in uppercase:

GET / HTTP/1.0

and press Return _twice_.

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP 
Microsoft: Bringing you 1980s technology to a 21st century world
Reply to
Simon Clubley

Great, this seems to be getting somewhere. This looks all wrong to me... Here are the significant bits.

Active Connections

Proto Local Address Foreign Address State TCP 0.0.0.0:23 Lenni:0 LISTENING [Win32for.EXE] TCP 127.0.0.1:51118 Lenni:telnet SYN_SENT [telnet.exe]

It would appear that Win32Forth is on the right port, but the wrong IP address while the telnet program is on the right address, but the wrong port. Any idea how that could happen? Here is the command for starting the Telnet program.

telnet localhost -t vtnt

This should be operating on 127.0.0.1:23, right?

The custom app uses system calls and other code I don't have source for... at least not at my fingertips. I will try the netstat program on a computer where it all works if I can find one. Thanks.

--

Rick
Reply to
rickman

Disclaimer: this is based on how it works on Linux. I don't have a Windows box to hand (I'm at home) to double check the 0.0.0.0 entry.

The above, on Linux, would look normal to me, apart from the fact the outgoing connection is stuck in the SYN_SENT state.

The 0.0.0.0:23 means that Win32for.EXE is just listening on any available network interface and has not bound itself to any specific interface. For example, from this Linux box I am typing this from:

Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN

This is telling me X11 is listening for incoming connections from any interface.

The second entry is also ok (apart from being stuck in the SYN_SENT state :-)). In this case, because it's a client making a outgoing connection, the port of interest is the port number listed under "Foreign Address", which is correctly listed as telnet.

The local port, 51118, is just the local port number allocated at random by the local TCP stack to the client application (in this case telnet). The local port number will be different from the port number of the service you are trying to connect to.

I would probably double check the Windows Firewall settings in Control Panel to make sure the firewall is not running. If it is, then you may have to register the Win32for.EXE as a allowed binary.

I've had to do this for the actual FileZilla FTP server binary under Windows 7 (as opposed to the FileZilla manager binary which was listed automatically).

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP 
Microsoft: Bringing you 1980s technology to a 21st century world
Reply to
Simon Clubley

Thanks for the info. I don't know what could be getting in the way. I

*have* checked the windows firewall. It is off. Sophos reports that it is passing messages from these apps.

At the time of this transaction, the firewall did block a message on address 0.0.0.0

3:15:02 AM svchost.exe IN REFUSED UDP 0.0.0.0 BOOTPC Block All Activity

I don't suspect this as a problem as I see these messages coming in often.

This is what I see passed by the firewall...

3:15:11 AM Win32for.exe IN TCP 127.0.0.1 51118 Allow loopback TCP connection 3:15:05 AM Win32for.exe IN TCP 127.0.0.1 51118 Allow loopback TCP connection 3:15:02 AM Win32for.exe IN TCP 127.0.0.1 51118 Allow loopback TCP connection 3:15:02 AM telnet.exe OUT TCP 127.0.0.1 Telnet Telnet

Any idea why the packet sniffer doesn't see any of this?

--

Rick
Reply to
rickman

Because I don't have any Windows 8 experience, I am now moving from what I know about into a guessing what might be wrong mode.

Some generic questions:

Did you try using the telnet client to connect to

formatting link
on port 80 ? (That's unlikely given what you show below, but it's worth a try anyway just to eliminate a possible problem with the telnet client.)

_After_ disconnecting the PC from the network, try turning off the Sophos firewall temporarily and see if telnet now works.

IIRC, someone earlier on in the thread mentioned a Windows version of netcat existed. You _really_ should try that instead of your Win32for.exe and see what happens.

If things are getting that far, it doesn't feel like a problem with the telnet client as such.

Sorry, no.

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP 
Microsoft: Bringing you 1980s technology to a 21st century world
Reply to
Simon Clubley

I just tried this and telnet seems to be waiting for something, but nothing is shown. It just says, "Connecting to

formatting link
"... no, wait. When I hit escape it dumped a bunch of stuff that looks like HTML. The firewall only showed one message allowed which was from telnet. I didn't see the HTML traffic coming back.

11:20:10 AM telnet.exe OUT TCP 173.194.46.112 HTTP Citrix Terminal Services (TCP)

I have done this before. It makes no difference.

I'll give that a try.

--

Rick
Reply to
rickman

You need to enter the string I posted in a previous message.

After connecting, enter (in uppercase):

GET / HTTP/1.0

and press Return _twice_.

Unless your firewall is logging things in a rather unusual way, that's about all you should see. That's a two way connection above, and the HTML traffic is returned in the same connection as the issued HTTP command.

The fact you got this far however would seem to suggest it's not a problem with the telnet client itself.

So we now know it's not the third party firewall.

If this works, your next task would be to review the code in Win32for.exe which listens for and accepts incoming connections.

The issue seems to be narrowing to either faulty code in Win32for.exe which just happened to work before, or something new in Windows 8 which I am unaware of.

For those of you with Windows 8 experience, are there any additional process/network containment features (in addition to the traditional firewall) which might need adjusting ?

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP 
Microsoft: Bringing you 1980s technology to a 21st century world
Reply to
Simon Clubley

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.