Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Detecting if rlogin daemon is running...

399 views
Skip to first unread message

Vikram Lele

unread,
Apr 4, 2003, 3:55:36 AM4/4/03
to
Hi,

I have a very limited knowledge of Unix, so pardon me if this is an
elementry question (but please anwser anyways).

How to detect if the rlogin / rsh / telnet services are active on a
server by running some sort of script on the server using non-root
login ?

I was suggested that ps can be used (ps aex | grep <service name>) to
do this. When I tried this for ftp service (which I know for sure is
running on my linux server RH 7.1), I got nothing.

The other approach that I tried was using expect, but expect i not
available on all flavours of Unix.

Please advice.

Thanks.

Vikram Lele

lme...@rwvlpt.com.wh

unread,
Apr 4, 2003, 3:59:23 AM4/4/03
to
|How to detect if the rlogin / rsh / telnet services are active on a
|server by running some sort of script on the server using non-root
|login ?

netstat -at or lsof is more reliable. But be aware that firewalls or
tcpwrappers may make the service unavailable.

|I was suggested that ps can be used (ps aex | grep <service name>) to
|do this. When I tried this for ftp service (which I know for sure is
|running on my linux server RH 7.1), I got nothing.

Because often ftp is spawned from *inetd and the process doesn't start
until a connection is made.

Vikram Lele

unread,
Apr 4, 2003, 9:11:08 AM4/4/03
to
Thanks a lot.

When I did netstat -at | less, I did find ftp and telnet in there, so
it should help me detect these (and other) services. Its no problem
even if they are eventually blocked by the firewall. My current
requirement is to warn that rlogin / rsh etc are running.

You said that ftp is often spawned from *inetd. This is indeed the
case in my server. Can I safely assume that the netstat approach will
still work ?

Thanks,
Vikram


lme...@rwvlpt.com.wh wrote in message news:<LPbja.9705$ft3....@news-server.bigpond.net.au>...

oet...@dmoyul.com.xe

unread,
Apr 4, 2003, 9:27:35 AM4/4/03
to
|You said that ftp is often spawned from *inetd. This is indeed the
|case in my server. Can I safely assume that the netstat approach will
|still work ?

netstat -at shows what ports have processes listening. netstat -atp (as
root) will show you the process. You will see that *inetd has the ftp
port open.

Vikram Lele

unread,
Apr 4, 2003, 10:59:19 PM4/4/03
to
Thanks. Ran into the next issue.

What does rlogin show up as ? I enabled rlogin (commented the disabled
= yes entry from rlogin file in /etc/xinetd.d directory and restarted
xinetd), but netstat -atp doesn't show rlogin.

Am I missing something here ?

- Vikram


oet...@dmoyul.com.xe wrote in message news:<rDgja.10089$ft3....@news-server.bigpond.net.au>...

xp...@surrrv.com.ek

unread,
Apr 5, 2003, 1:40:43 AM4/5/03
to
|What does rlogin show up as ? I enabled rlogin (commented the disabled
|= yes entry from rlogin file in /etc/xinetd.d directory and restarted
|xinetd), but netstat -atp doesn't show rlogin.

The service name corresponding to rlogin is login (port 513). Netstat
displays the official name of the service as obtained by
getservbyport(3), which usually looks up /etc/services. You can get
netstat to display ports with the -n option, RTM.

You could also use nmap with the TCP connect method to check if the
service is actually available at the specified port, after firewalling
and tcpwrappers are applied.

Vikram Lele

unread,
Apr 7, 2003, 2:38:43 AM4/7/03
to
Thanks all.

Learned a few things, I will try and use them in my scripts now.

- Vikram


xp...@surrrv.com.ek wrote in message news:<LTuja.785$Tb6....@news-server.bigpond.net.au>...

0 new messages