Arkadaşımın rapidshare hesabının şifresinin değiştiği gün, modem resetle uğraşıp duruyordum. Modemin arayüzüne bağlanıp resetlemek zor olmasa da bunu daha kısa yoldan halletmek için bir uygulama geliştirmeye karar verdim. Modem arayüzüne telnet protokolüyle de ulaşılabildiği için ihtiyaçlarımı karşılayacak bir telnet sınıfı geliştirdim. Uygulamayı geliştirdiğim sırada DNS adreslerini değiştirmeyi beceremeyen bir arkadaşım sayesinde uygulamayı biraz daha geliştirerek ufak bir network tool’u haline getirdim. Yeni özellikler ve arayüz değişiklikleri yapabilirim ama xss tunnel’in php versiyonunu bitirene kadar kaynak kodları rafa kaldırıyorum.

http://nettool.codeplex.com adresinden uygulamaya ve kaynak kodlara ulaşabilirsiniz. Kaynak kodlarda, kodladığım Telnet ve Nic sınıflarına da sahip olacak kadar şanslısınız

Wenn ihr Apache Felix nutzt und die telnet Shell aktiviert habt

osgi.shell.telnet.port=6666

Könnt ihr mit folgendem Skript einfach eure Bundles aktualisieren.

#!/usr/bin/perl

use strict;
use warnings;

use Net::Telnet;

if (@ARGV != 2) {
        print "$0: [bundle name substring] [bundle jar absolute path]\n";
        exit 1;
}

my $bname = shift;
my $bfile = shift;

my $host = 'localhost';
my $port = 6666;

sub get_bundle_id($$) {
        my ($procs, $bname) = @_;
        my @proc = grep { m/$bname/i } @$procs;
        die "No bundle $bname found." unless @proc > 0;
        warn "Multiple bundles $bname found." if @proc > 1;
        $proc[0] =~ m/^\[\s*(\d+)\s*\]/;
        return $1;
}

my $prompt = '/->/';
my $telnet = new Net::Telnet ( Timeout=>10, Errmode=>'die', Prompt => $prompt);
$telnet->open(Host => $host, Port => $port);
$telnet->waitfor($prompt);

my @procs = $telnet->cmd('ps');

my $bid = get_bundle_id(\@procs, $bname);
print "Bundle id for $bname is $bid\n";
print "Updating bundle $bid with $bfile\n";

my @result = $telnet->cmd("update $bid file:$bfile");
print "Error: ", $result[0], "\n" if (@result > 0 && $result[0] =~ m/unable|error|fail/i);
print "done.\n";

Dies kann auch einfach in Maven integriert werden, dazu muss einfach sicher gestellt werden, dass das Skript im PATH vorhanden oder der Absolute Pfad angeben wird:

<!-- Directly deploy to osgi -->
<plugin>
     <artifactId>exec-maven-plugin</artifactId>
     <groupId>org.codehaus.mojo</groupId>
     <version>1.1</version>
     <executions>
	     <execution>
	       <phase>install</phase>
	       <goals>
	         <goal>exec</goal>
	       </goals>
	     </execution>
     </executions>
     <configuration>
       <executable>osgi_deploy.pl</executable>
       <arguments>
           <argument>${project.name}</argument>
           <argument>${project.build.directory}/${project.build.finalName}.jar</argument>
       </arguments>
    </configuration>
</plugin>

Die Ausführung:

$ mvn exec:exec
[INFO] Scanning for projects...
[INFO] ------------------------------------------------------------------------
[INFO] Building MyProject
[INFO]    task-segment: [exec:exec]
[INFO] ------------------------------------------------------------------------
[INFO] [exec:exec {execution: default-cli}]
[INFO] Bundle id for MyProject is 5
[INFO] Updating bundle 5 with /home/bpeter/workspaces/MyProject/trunk/myproject/target/myproject.jar
[INFO] done.
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESSFUL
[INFO] ------------------------------------------------------------------------

hf

Günümüzde saldırı tekniklerinin çok fazla gelişmesi ile birlikte güvenlik önlemlerinin alınması gerekliliği bir kat daha artmıştır. Artık komut satırı destekleyen bütün bilgisayar sistemleri, ağ cihazları vb sistemlere Secure Shell – SSH (güvenli komut satırı istemi ile bağlanma) ile bağlanarak cihaza ulaşım güvenli bir hale getirilebilmektedir. Telnet gibi bağlantı yöntemlerinde kullanıcı adı ve parola gibi bilgiler açık metin olarak ağ üzerinde gönderilmektedir. Ancak SSH ile bağlantı yapıldığında kullanıcı adı ve parola bilgileri şifrelenerek gönderilir. Araya giren bir saldırgan Telnet bağlantısında giden gelen bilgiyi bir kaç saniyede yakalayabilirken SSH ile aktarılan veriler saldırgan için herhangi bir anlam ifade etmeyecektir. Bu yazımızda Cisco 3725 Router üzerinde SSH bağlantısını nasıl aktif hale getireceğimizi ve telnet yerine nasıl SSH kullanabileceğimizi göreceğiz.

Router>en
Router#configure terminal
Router(config)#hostname Royter
Royter(config)#aaa new-model
Royter(config)#username kullanici password 0 P4r0l4
!crypto ile anahtar yaratabilmek için routera domain adı girmek gerekir
Royter(config)#ip domain-name ssh.gnome.com
!alttaki komut ile bir anahtar yaratılır. varsayılan değer 512 bit değerindedir. 1024 bit lik anahtar yaratabilirsiniz. Ancak 2048 gibi yüksek bir değer seçerseniz anahtarın yaratılması uzun sürebilir.
Royter(config)#crypto key generate rsa
Royter(config)#ip ssh time-out 60
Royter(config)#ip ssh authentication-retries 2
Royter(config)#line vty 0 4
! Aşağıdaki satırda vty nin artık telnet için değil SSH için kullanılacağı belirtiliyor.
Royter(config-line)#transport input SSH
Royter(config-line)#exit
!Bağlantı gerçekleştikten sonra Enable komutu ile privileged moda geçmek gerekir. Bu nedenle mutlaka Enable parolası girilmelidir. Bu parolayı secret ile kullanmak bu parolanın konfigürasyon içerisinde şifreli bir şekilde saklanmasını sağlar.
Royter(config)#enable secret cisco
Router#exit

Bu aşamadan sonra Router’ a herhangi bir IP adresinden Putty aracı ile SSH bağlantısı oluşturulabilir.

Apa sih sebenarnya Putty itu…??? Hmm… sebenarnya sayang kalo orang IT gak tau kegunaan dari Putty. Begini ya…tapi sebelumnya siapkan secangkir kopi hangat dan kalo biar lebih sedap di campur dengan susu kental manis…. sehingga otak pun menjadi fresss ^_^

Ok..langsung aja.. Putty merupakan salah satu software yang digunakan sebagai SSH client pada Platform Windows. Biasanya yang menggunakan software Putty adalah seorang administrator dan seorang Hacker.

Putty juga bisa digunakan untuk menjalankan PsyBNC, telnet dan lain-lain. Agar anda dapat memahami lebih jelas kegunaan dari Putty, download artikel di bawah ini (artikel dari Neotek).

Aplikasi Putty

Artikel penggunaan Putty

PsyBNC

The Basics of TELENET
                                     Part I

  This Bulletin is the first in a series to cover the general procedures of the
major data networks:

Telenet
Tymnet
Autonet
Arpanet
[More to be added]

                                   BACKGROUND
                                   ----------
  Telenet connects many large computers to itself through dedicated telephone
lines, each of these 'host computers' is assigned a node address(ie.:NPAxx).
Telenet is an international data network, connecting to computers around the
world.See the International telenet bulletin for more on this.

                                   CONNECTING
                                   ----------
  Telenet is probably the most 'user friendly' network of the four listed.  A
normal logon looks like this:  [NPA=Area code,xx=node address] You hit <CR>
<CR> [2 Returns] Telenet respnds with:TELENET NPAxx

TERMINAL=(Here you type your terminal identifier) (See the bulletin section for
       the list)

             @

  The '@' is Telenet's promt to you to go ahead.

                            Things to do on telenet
                            -----------------------
  To connect to a node type:
                        @C NPAxx
  Telenet will atempt to connect to the computer at the node given.
  A few of the things that Telenet will say are:

NPAxx CONNECTED (You are connected to a computer)
ILLEGAL ADDRESS (Not a working node)
NPAxx NOT REACHABLE   (The computer at that node is 'DOWN')
NPAxx REFUSED  COLLECT CONNECTION(Needs a paid ID [More later]
NPAxx REJECTING (Computer is 'UP' but not available)
NPAxx NOT RESPONDING (The computer at that node is 'DOWN')

  These are most of the things that Telenet will tell you

                               MORE THINGS TO DO
                               -----------------
  Typing an @ while in a host computer will return you to Telenet You will
still be connected to the other computer, you may:  D (to disconnect from that
computer) or TAPE (Unknown, possibly records your actions so that) (you may
look at them later)

  If you type either of the above, while not connected to a node telenet will
respond with NOT CONNECTED

                                     MISC.
                                     -----
RESET (Returns Telenet to the beggining,you must start again (with the
      <CR><CR>)

SET (Unknown)

MAIL (To connect to GTE Telemail) It will ask for User?  and Password?

                                     NOTES
                                     -----

  In addition to the normal area codes in NPAxx there are also other NPA's used
in Telenet, 909 and 311, for instance.

  Telenet hangs up after three disconnections from host computers, this
unfortunately is quite a PAIN in the ___ There is no way to get around this as
far as I can tell.

  The ID command in Telenet is to Identify users to the host computers.  You
must type ID (your ID#) (your password).  If you just type ID, telenet will
tell you that your ID is cleared, which means nothing.  To recieve a paid user
ID on telenet call them at:  Telenet customer service:800-336-0437 800-572-
0408(In Virginia)

                                    HACKING
                                    -------
  Telenet is very convinient for hackers as it connects many computers to your
terminal, without having to find and dial many numbers.  Start your Telehacking
by picking an areacode and then trying all the nodes in that NPA.  You will no
doubt find many interesting computers 'to work on'.

   Here are instructions for using TELENET.  There are some very basic things,
which most people already know, and some other things, which even the most
dedicated hackers have probably never even heard of.  This includes things such
as international access, etc.  Well, have fun.

                    THE TELENET CONNECTION
      INTERNATIONAL ADDRESSING/INTERNATIONAL ACCESS PROCEDURES

I.  TELENET INTERNATIONAL ADDRESS FORMAT

    ---------------------------- Data Network
    |                       Identification Code (DNIC)
    |
    |
    |
    |      ------------------- Area Code
    |      |
    |      |
    |      |    ------------- DTE Address
    |      |    |
    |      |    |      ----- Port Address
    |      |    |      |
    |      |    |      |
  DDDD    AAA  HHHHH   PP
                       |
                       ----- Optional Subaddress
                            Field for Packet Mode DTE

Example:  Telenet        International
        -------         -------------
        212 141         3110 21200141
        909  84         3110 90900084

II.   ACCESS TO OVERSEAS PUBLIC DATA NETWORKS

1.  Turn on the terminal and coupler.
2.  Dial the nearest Telenet access number (See Telenet Public Dial listing).
    When you hear a high-pitched tone, place the telephone
    receiver in the coupler.

     For Data Sets (Bell 103 or 113 type), depress the data button.

3.  Type Two carriage returns (CR).
4.  Telenet will give you a port identification number and ask you
    to identify your terminal type in the two or four
    character id for your terminal followed by a carriage
    return (CR) or type carriage return (CR).

      (EX.)   TELENET
             202 DL9
             TERMINAL = AJ63(CR)

5.  After Telenet prompts with a '@' type 'ID', skip a space (SP)
    and type your password followed by a carriage return.  (Contact
    your GTE Telenet Representative to obtain a required caller
    paid ID.)

      (EX.)   @ID(SP);INTL(CR)

    Type in your password.

      (EX.)   PASSWORD = 123456(CR)

6.  After Telenet prompts with an @, type a C. skip a space and
    type the network address of the computer you wish to access,
    followed by a carriage return (CR).

      (EX.)   @C(SP)023411234567890(CR)

    Note:  Your International address will follow a format such as:

         020801234567890 for France/Transpac
         023421234567890 for United Kingdom/British Telecom
         026241234567890 for Germany/Datex-P

7.  Telenet will respond with a connection message.  You are now
    ready to begin your conversation with the host computer.

      (EX.)   (ADDRESS)CONNECTED

8.  To disconnect from your computer, log off as usual.  Telenet
    will send you a disconnected message.

      (EX.)   (ADDRESS)DISCONNECTED

    Hang up to disconnect from Telenet.

(CR) = Carriage return
(SP) = Space

Suppose we want to check whether the web server(port 80) or any other network service is running or not, but we do not have any browsers (lynx, Firefox, IE, Netscape, …), then there is a simple way of doing that. Just telnet to that machine on the http port (port no. 80 in general).

$ telnet <ip_addr> <port_no>

And then, give command “get /” (without quotes). If the webserver is running, it displays the HTML script of the homepage or basic info and closes the connection to the remote host.

$ telnet wordpress.com 80 
Trying 76.74.254.126...
Connected to wordpress.com.
Escape character is '^]'.
get /
<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>
Connection closed by foreign host.

http://support.microsoft.com/kb/323350

Test the SMTP Service

To test the SMTP service, follow these steps:

1. On a computer running Windows Server 2003, type Telnet at a command prompt, and then press ENTER.
2. At the telnet prompt, type set LocalEcho, press ENTER, and then type open <machinename> 25, and then press ENTER.

   The output resembles the following:

   220 computername.microsoft.com ESMTP Server (Microsoft Exchange Internet Mail Service 5.5.2651.58) ready

3. Type helo me, and then press ENTER.

   The output resembles the following:

   250 OK

4. Type mail from:email@domain.com, and then press ENTER.

   The output resembles the following:

   250 OK - mail from <email@domain.com>

5. Type rcpt to:youremail@yourdomain.com, and then press ENTER.

   The output resembles the following:

   250 OK - Recipient <youremail@yourdomain.com>

6. Type Data, and then press ENTER.

   The output resembles the following:

   354 Send data.  End with CRLF.CRLF

7. Type Subject:This is a test, and then press ENTER two times.
8. Type Testing, and then press ENTER.
9. Press ENTER, type a period (.), and then press ENTER.

   The output resembles the following:

   250 OK

10. Type quit, and then press ENTER.
    

    The output resembles the following:

    221 Closing Port / Mail queued for delivery

I finally broke down and got an iPhone.

To be fair this has been in the works for a while.  I’ve been following the development of the iPhone since the first one came out, and have a theory that it will play a fairly pivotal role in the future of personal computing and computing in general, but that’s a topic for another post.  Some time ago I made a deal with myself that if I could come up with five applications on the iPhone that would significantly change how I do KAP in the field, I would be in the market for one.  That happened a while ago, but I still held out.  When looking at something like this, it’s hard to know if the decision is being made for legitimate reasons, or simply because it’s a cool gadget.  I erred on the side of cool gadget, and waited.  It was finally a combination of three things that convinced me to get one:

1. I was due for an upgrade on my existing cell pone
2. The ATT website had refurbished 16GB 3G iPhones listed for $99
3. One of my co-workers let me play with her iPhone long enough to completely fall in love with it

Ok, so in the end it’s still probably the cool gadget factor that pushed me over the top, but I did have five applications that I will use when I’m out KAPing:

1. GPS – Prior to this, I was in the market for a small handheld GPS.  I was looking long and hard at the DeLorme PN-40 for some time, but the price tag kept me from taking that plunge.  That the iPhone comes with a GPS that applications can actually access went a long way toward convincing me that this was a viable route.  The performance of the DeLorme likely exceeds what the iPhone will do, but if I was after the ultimate in accuracy I would be looking at the higher end Trimble hardware, all of which is seriously out of my price range.  And from the testing I’ve done the iPhone GPS is plenty accurate for my needs.
2. Google Earth – When the iPhone first came out, a fellow KAPer named Cris Benton picked one up.  Shortly after, he described a particularly difficult session where he needed to fly over a rail yard in order to get his camera in position over a particular subject.  The rail yard was in use, so there was no way to walk through it.  Instead he pulled up his location on Google Earth, visually determined the direction of the wind, and given his kite’s line angle he calculated how much line he needed to let out to get his camera in the correct position.  It worked like a charm.  With the addition of the integrated GPS in the iPhone 3G, this becomes even easier.
3. Anemometer – Yes, there is an anemometer for the iPhone.  It’s a $0.99 application, and is limited to a 0-25mph wind range, but at the cost it’s well worth it as a backup for my Kestrel 2000 anemometer.  I have yet to test this in the field, but from what other people have said it’s typically good to +/- 1 knot, and switching units is trivial.  Before trusting it I plan to run it in side-by-side trials against my Kestrel.
4. Inclinometer – The iPhone 3G has a 3-axis accelerometer built into it.  This has set the stage for a number of apps that replicate the behavior of a carpenter’s bubble level.  But for kiting I was after an inclinometer that would tell me the angle of my kite line.  Turns out there are a whole host of these as well.  The one I got was free off the iPhone App site.
5. Safari Web Browser – The pre-paid data plan on the iPhone makes using the integrated web browser a real no-brainer.  You can’t rack up data charges by using it, so there’s no reason not to.  Also, since the Safari browser on the iPhone is a full-blown browser, you can hit practically any web site and view it the same way you would on a full-blown computer.  This lets me bring up the local wind forecast while I’m in the field, and to check current conditions at a number of weather stations to see if conditions are changing.  I can also use this to cruise Flickr when I fly at a new location to see if there are any interesting subjects nearby.

In addition, there are a number of non-KAP applications I’m using for other reasons.  The notepad and alarm clock are particularly nice.  The iPhone will also take voice memos, which is great for taking notes while KAPing since writing while managing a radio and kite winder is asking for trouble.  I also installed issh, which is an inexpensive combination ssh, telnet, and VNC client.  I’m no longer in the UNIX sysadmin line of work, but I still do run machines at home and at work.  Now I can get to them from practically anywhere.  I also find I’m using the iPod functionality more than I thought I would, since all my music will fit on my iPhone.  The photo gallery application also makes it easy to pack a large number of KAP images on my iPhone so I can show them to people when they ask what I’m doing. Oh, and it’s also a pretty good phone.

All in all I’m more than pleased with it.  I’ve already taken the small portfolio out of my KAP bag, which saves a fair bit of weight and space.  If the anemometer works out well, I may start keeping my Kestrel at home on longer KAP hikes.  The inclinometer, GPS, Google Earth, and readily available wind forecasts are all new, and I haven’t really had a chance to see how much I will use them, or what effect they will have on my work flow in the field.  But already it’s an improvement.  Can’t beat that.

- Tom

[Erdem] is leading up the efforts to reverse engineer Samsung TV firmware with a project called SamyGo. Official Samsung firmware uses the Linux kernel, making it a familiar system to work with for many developers. So far they’ve implemented NFS and SAMBA for sharing files over the network, improved playback from USB devices, and unlocked the ability to use non-Samsung WiFi dongles.

In order to make changes to the system, you need to enable a telnet connection on the device. The SamyGo team accomplished this by changing an official version of the firmware in a hex editor to start the telnet daemon at boot time. This altered firmware is then flashed using Samsung’s built in upgrade system. Once telnet is enabled, non-official firmware can be manually flashed.

We’d love to see this project expand to other TV Brands in the future. In fact, we were looking for something like this back in June when we realized that our Sony Bravia runs a Linux kernel and can be updated via USB drive.  Be careful if you want to try this out. We can only imagine the fallout after telling your significant other that you bricked a high-priced LCD.

TCP/IP (singkatan dari Transmission Control Protocol/Internet Protocol) adalah standar komunikasi data yang digunakan oleh komunitas internet dalam proses tukar-menukar data dari satu komputer ke komputer lain di dalam jaringan Internet. Protokol ini tidaklah dapat berdiri sendiri, karena memang protokol ini berupa kumpulan protokol (protocol suite). Protokol ini juga merupakan protokol yang paling banyak digunakan saat ini. Data tersebut diimplementasikan dalam bentuk perangkat lunak (software) di sistem operasi. Istilah yang diberikan kepada perangkat lunak ini adalah TCP/IP stack

Protokol TCP/IP dikembangkan pada akhir dekade 1970-an hingga awal 1980-an sebagai sebuah protokol standar untuk menghubungkan komputer-komputer dan jaringan untuk membentuk sebuah jaringan yang luas (WAN). TCP/IP merupakan sebuah standar jaringan terbuka yang bersifat independen terhadap mekanisme transport jaringan fisik yang digunakan, sehingga dapat digunakan di mana saja. Protokol ini menggunakan skema pengalamatan yang sederhana yang disebut sebagai alamat IP (IP Address) yang mengizinkan hingga beberapa ratus juta komputer untuk dapat saling berhubungan satu sama lainnya di Internet. Protokol ini juga bersifat routable yang berarti protokol ini cocok untuk menghubungkan sistem-sistem berbeda (seperti Microsoft Windows dan keluarga UNIX) untuk membentuk jaringan yang heterogen.

Protokol TCP/IP selalu berevolusi seiring dengan waktu, mengingat semakin banyaknya kebutuhan terhadap jaringan komputer dan Internet. Pengembangan ini dilakukan oleh beberapa badan, seperti halnya Internet Society (ISOC), Internet Architecture Board (IAB), dan Internet Engineering Task Force (IETF). Macam-macam protokol yang berjalan di atas TCP/IP, skema pengalamatan, dan konsep TCP/IP didefinisikan dalam dokumen yang disebut sebagai Request for Comments (RFC) yang dikeluarkan oleh IETF.

Arsitektur
Arsitektur TCP/IP diperbandingkan dengan DARPA Reference Model dan OSI Reference Model

Arsitektur TCP/IP tidaklah berbasis model referensi tujuh lapis OSI, tetapi menggunakan model referensi DARPA. Seperti diperlihatkan dalam diagram, TCP/IP merngimplemenasikan arsitektur berlapis yang terdiri atas empat lapis. Empat lapis ini, dapat dipetakan (meski tidak secara langsung) terhadap model referensi OSI. Empat lapis ini, kadang-kadang disebut sebagai DARPA Model, Internet Model, atau DoD Model, mengingat TCP/IP merupakan protokol yang awalnya dikembangkan dari proyek ARPANET yang dimulai oleh Departemen Pertahanan Amerika Serikat.

Setiap lapisan yang dimiliki oleh kumpulan protokol (protocol suite) TCP/IP diasosiasikan dengan protokolnya masing-masing. Protokol utama dalam protokol TCP/IP adalah sebagai berikut:

* Protokol lapisan aplikasi: bertanggung jawab untuk menyediakan akses kepada aplikasi terhadap layanan jaringan TCP/IP. Protokol ini mencakup protokol Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Telnet, Simple Mail Transfer Protocol (SMTP), Simple Network Management Protocol (SNMP), dan masih banyak protokol lainnya. Dalam beberapa implementasi stack protokol, seperti halnya Microsoft TCP/IP, protokol-protokol lapisan aplikasi berinteraksi dengan menggunakan antarmuka Windows Sockets (Winsock) atau NetBIOS over TCP/IP (NetBT).
* Protokol lapisan antar-host: berguna untuk membuat komunikasi menggunakan sesi koneksi yang bersifat connection-oriented atau broadcast yang bersifat connectionless. Protokol dalam lapisan ini adalah Transmission Control Protocol (TCP) dan User Datagram Protocol (UDP).
* Protokol lapisan internetwork: bertanggung jawab untuk melakukan pemetaan (routing) dan enkapsulasi paket-paket data jaringan menjadi paket-paket IP. Protokol yang bekerja dalam lapisan ini adalah Internet Protocol (IP), Address Resolution Protocol (ARP), Internet Control Message Protocol (ICMP), dan Internet Group Management Protocol (IGMP).
* Protokol lapisan antarmuka jaringan: bertanggung jawab untuk meletakkan frame-frame jaringan di atas media jaringan yang digunakan. TCP/IP dapat bekerja dengan banyak teknologi transport, mulai dari teknologi transport dalam LAN (seperti halnya Ethernet dan Token Ring), MAN dan WAN (seperti halnya dial-up modem yang berjalan di atas Public Switched Telephone Network (PSTN), Integrated Services Digital Network (ISDN), serta Asynchronous Transfer Mode (ATM)).

[sunting] Pengalamatan

Protokol TCP/IP menggunakan dua buah skema pengalamatan yang dapat digunakan untuk mengidentifikasikan sebuah komputer dalam sebuah jaringan atau jaringan dalam sebuah internetwork, yakni sebagai berikut:

* Pengalamatan IP: yang berupa alamat logis yang terdiri atas 32-bit (empat oktet berukuran 8-bit) yang umumnya ditulis dalam format www.xxx.yyy.zzz. Dengan menggunakan subnet mask yang diasosiasikan dengannya, sebuah alamat IP pun dapat dibagi menjadi dua bagian, yakni Network Identifier (NetID) yang dapat mengidentifikasikan jaringan lokal dalam sebuah internetwork dan Host identifier (HostID) yang dapat mengidentifikasikan host dalam jaringan tersebut. Sebagai contoh, alamat 205.116.008.044 dapat dibagi dengan menggunakan subnet mask 255.255.255.000 ke dalam Network ID 205.116.008.000 dan Host ID 44. Alamat IP merupakan kewajiban yang harus ditetapkan untuk sebuah host, yang dapat dilakukan secara manual (statis) atau menggunakan Dynamic Host Configuration Protocol (DHCP) (dinamis).
* Fully qualified domain name (FQDN): Alamat ini merupakan alamat yang direpresentasikan dalam nama alfanumerik yang diekspresikan dalam bentuk ., di mana mengindentifikasikan jaringan di mana sebuah komputer berada, dan mengidentifikasikan sebuah komputer dalam jaringan. Pengalamatan FQDN digunakan oleh skema penamaan domain Domain Name System (DNS). Sebagai contoh, alamat FQDN id.wikipedia.org merepresentasikan sebuah host dengan nama “id” yang terdapat di dalam domain jaringan “wikipedia.org”. Nama domain wikipedia.org merupakan second-level domain yang terdaftar di dalam top-level domain .org, yang terdaftar dalam root DNS, yang memiliki nama “.” (titik). Penggunaan FQDN lebih bersahabat dan lebih mudah diingat ketimbang dengan menggunakan alamat IP. Akan tetapi, dalam TCP/IP, agar komunikasi dapat berjalan, FQDN harus diterjemahkan terlebih dahulu (proses penerjemahan ini disebut sebagai resolusi nama) ke dalam alamat IP dengan menggunakan server yang menjalankan DNS, yang disebut dengan Name Server atau dengan menggunakan berkas hosts (/etc/hosts atau %systemroot%\system32\drivers\etc\hosts) yang disimpan di dalam mesin yang bersangkutan.

[sunting] Konsep dasar
Broom icon.svg
Artikel ini perlu dirapikan agar memenuhi standar Wikipedia
Merapikan artikel bisa berupa membagi artikel ke dalam paragraf atau wikifikasi artikel. Setelah dirapikan, tolong hapus pesan ini.
[sunting] Layanan

Berikut ini adalah layanan tradisional yang dapat berjalan di atas protokol TCP/IP:

* Pengiriman berkas (file transfer). File Transfer Protocol (FTP) memungkinkan pengguna komputer yang satu untuk dapat mengirim ataupun menerima berkas ke sebuah host di dalam jaringan. Metode otentikasi yang digunakannya adalah penggunaan nama pengguna (user name) dan [[password]], meskipun banyak juga FTP yang dapat diakses secara anonim (anonymous), alias tidak berpassword. (Keterangan lebih lanjut mengenai FTP dapat dilihat pada RFC 959.)
* Remote login. Network terminal Protocol (telnet) memungkinkan pengguna komputer dapat melakukan log in ke dalam suatu komputer di dalam suatu jaringan secara jarak jauh. Jadi hal ini berarti bahwa pengguna menggunakan komputernya sebagai perpanjangan tangan dari komputer jaringan tersebut. (Keterangan lebih lanjut mengenai Telnet dapat dilihat pada RFC 854 dan RFC 855.)
* Computer mail. Digunakan untuk menerapkan sistem surat elektronik. (Keterangan lebih lanjut mengenai e-mail dapat dilihat pada RFC 821 RFC 822.)
* Network File System (NFS). Pelayanan akses berkas-berkas yang dapat diakses dari jarak jauh yang memungkinkan klien-klien untuk mengakses berkas pada komputer jaringan, seolah-olah berkas tersebut disimpan secara lokal. (Keterangan lebih lanjut mengenai NFS dapat dilihat RFC 1001 dan RFC 1002.)
* Remote execution. Memungkinkan pengguna komputer untuk menjalankan suatu program tertentu di dalam komputer yang berbeda. Biasanya berguna jika pengguna menggunakan komputer yang terbatas, sedangkan ia memerlukan sumber yg banyak dalam suatu sistem komputer.
Ada beberapa jenis remote execution, ada yang berupa perintah-perintah dasar saja, yaitu yang dapat dijalankan dalam system komputer yang sama dan ada pula yg menggunakan sistem Remote Procedure Call (RPC), yang memungkinkan program untuk memanggil subrutin yang akan dijalankan di sistem komputer yg berbeda. (sebagai contoh dalam Berkeley UNIX ada perintah rsh dan rexec.)
* Name server yang berguna sebagai penyimpanan basis data nama host yang digunakan pada Internet (Keterangan lebih lanjut dapat dilihat pada RFC 822 dan RFC 823 yang menjelaskan mengenai penggunaan protokol name server yang bertujuan untuk menentukan nama host di Internet.)

[sunting] Request for Comments

RFC (Request For Comments) merupakan standar yang digunakan dalam Internet, meskipun ada juga isinya yg merupakan bahan diskusi ataupun omong kosong belaka. Diterbitkan oleh IAB yang merupakan komite independen yang terdiri atas para peneliti dan profesional yang mengerti teknis, kondisi dan evolusi Internet. Sebuah surat yg mengikuti nomor RFC menunjukan status RFC :

* S: Standard, standar resmi bagi internet
* DS: Draft standard, protokol tahap akhir sebelum disetujui sebagai standar
* PS: Proposed Standard, protokol pertimbangan untuk standar masa depan
* I: Informational, berisikan bahan-bahan diskusi yg sifatnya informasi
* E: Experimental, protokol dalam tahap percobaan tetapi bukan pada jalur standar.
* H: Historic, protokol-protokol yg telah digantikan atau tidak lagi dipertimbankan utk standarisasi.

[sunting] Bagaimanakah bentuk arsitektur dari TCP/IP itu ?

Dikarenakan TCP/IP adalah serangkaian protokol di mana setiap protokol melakukan sebagian dari keseluruhan tugas komunikasi jaringan, maka tentulah implementasinya tak lepas dari arsitektur jaringan itu sendiri. Arsitektur rangkaian protokol TCP/IP mendifinisikan berbagai cara agar TCP/IP dapat saling menyesuaikan.

Karena TCP/IP merupakan salah satu lapisan protokol Model OSI, berarti bahwa hierarki TCP/IP merujuk kepada 7 lapisan OSI tersebut. Tiga lapisan teratas biasa dikenal sebagai “upper level protocol” sedangkan empat lapisan terbawah dikenal sebagai “lower level protocol”. Tiap lapisan berdiri sendiri tetapi fungsi dari masing-masing lapisan bergantung dari keberhasilan operasi layer sebelumnya. Sebuah lapisan pengirim hanya perlu berhubungan dengan lapisan yang sama di penerima (jadi misalnya lapisan data link penerima hanya berhubungan dengan lapisan data link pengirim) selain dengan satu layer di atas atau di bawahnya (misalnya lapisan network berhubungan dengan lapisan transport di atasnya atau dengan lapisan data link di bawahnya).

Model dengan menggunakan lapisan ini merupakan sebuah konsep yang penting karena suatu fungsi yang rumit yang berkaitan dengan komunikasi dapat dipecahkan menjadi sejumlah unit yang lebih kecil. Tiap lapisan bertugas memberikan layanan tertentu pada lapisan diatasnya dan juga melindungi lapisan diatasnya dari rincian cara pemberian layanan tersebut. Tiap lapisan harus transparan sehingga modifikasi yang dilakukan atasnya tidak akan menyebabkan perubahan pada lapisan yang lain. Lapisan menjalankan perannya dalam pengalihan data dengan mengikuti peraturan yang berlaku untuknya dan hanya berkomunikasi dengan lapisan yang setingkat. Akibatnya sebuah layer pada satu sistem tertentu hanya akan berhubungan dengan lapisan yang sama dari sistem yang lain. Proses ini dikenal sebagai Peer process. Dalam keadaan sebenarnya tidak ada data yang langsung dialihkan antar lapisan yang sama dari dua sistem yang berbeda ini. Lapisan atas akan memberikan data dan kendali ke lapisan dibawahnya sampai lapisan yang terendah dicapai. Antara dua lapisan yang berdekatan terdapat interface (antarmuka). Interface ini mendifinisikan operasi dan layanan yang diberikan olehnya ke lapisan lebih atas. Tiap lapisan harus melaksanakan sekumpulan fungsi khusus yang dipahami dengan sempurna. Himpunan lapisan dan protokol dikenal sebagai “arsitektur jaringan”.

Alamat IP (Internet Protocol Address atau sering disingkat IP) adalah deretan angka biner antar 32-bit sampai 128-bit yang dipakai sebagai alamat identifikasi untuk tiap komputer host dalam jaringan Internet. Panjang dari angka ini adalah 32-bit (untuk IPv4 atau IP versi 4), dan 128-bit (untuk IPv6 atau IP versi 6) yang menunjukkan alamat dari komputer tersebut pada jaringan Internet berbasis TCP/IP.

Sistem pengalamatan IP ini terbagi menjadi dua, yakni:

* IP versi 4 (IPv4)
* IP versi 6 (IPv6)

[sunting] Perbandingan Alamat IPv6 dan IPv4

Tabel berikut menjelaskan perbandingan karakteristik antara alamat IP versi 4 dan alamat IP versi 6.
Kriteria Alamat IP versi 4 Alamat IP versi 6
Panjang alamat 32 bit 128 bit
Jumlah total host (teoritis) 232=±4 miliar host 2128
Menggunakan kelas alamat Ya, kelas A, B, C, D, dan E.
Belakangan tidak digunakan lagi, mengingat telah tidak relevan dengan perkembangan jaringan Internet yang pesat. Tidak
Alamat multicast Kelas D, yaitu 224.0.0.0/4 Alamat multicast IPv6, yaitu FF00:/8
Alamat broadcast Ada Tidak ada
Alamat yang belum ditentukan 0.0.0.0 ::
Alamat loopback 127.0.0.1 ::1
Alamat IP publik Alamat IP publik IPv4, yang ditetapkan oleh otoritas Internet (IANA) Alamat IPv6 unicast global
Alamat IP pribadi Alamat IP pribadi IPv4, yang ditetapkan oleh otoritas Internet Alamat IPv6 unicast site-local (FEC0::/48)
Konfigurasi alamat otomatis Ya (APIPA) Alamat IPv6 unicast link-local (FE80::/64)
Representasi tekstual Dotted decimal format notation Colon hexadecimal format notation
Fungsi Prefiks Subnet mask atau panjang prefiks Panjang prefiks
Resolusi alamat DNS A Resource Record (Single A) AAAA Resource Record (Quad A)

Lo sò è un controsenso solo a leggerlo, ma oggi mi è capitato di doverlo fare: spiego un pò di antefatto in modo da non sembrare più semo di quanto già non sembri..

Or bene, una delle mie attività prevede la gestione di una serie di macchine remote sparse per il territorio nazionale. Queste macchine sono dei semplici windows XP di proprietà di un grosso cliente, il quale ha dato la gestione della sua Wan ad un grosso gruppo IT italiano che chiamerò il “Gruppo X”.  Per ovvi motivi di sicurezza, e visto che su questo network ci passano informazioni non solo di mia competenza il Gruppo X ha abilitato sui router che mi hanno fornito, solo le porte strettamente necessarie alla mia attività di gestione.

A Gennaio dovremo attivare su queste macchine dei nuovi servizi, che richiederanno l’apertura di alcune porte. Ho chiesto al Team di gestione del Gruppo X di aprirmi queste porte. Avendo loro circa 2.000 router da aggiornare me lo hanno fatto in via preventiva solo 4/5 macchine, giusto per testare che la configurazione.

E qui nasce il problema, l’applicazione non è ancora pronta, di installare degli applicativi su queste macchine non se ne parla, come faccio a testare che la porta sia aperta e che il traffico relativo “giri” correttamente?

L’idea me l’ha data uno dei consulenti (un tecnico ndr…) che lavora per me… I server ftp freeware ormai si sprecano, vuoi che non ne esista uno che sia un semplice eseguibile?

Ebbene sì Esiste! o Meglio ne esiste più di uno, ma per il mio scopo bastava quello che ho trovato per primo ovvero Xlight Ftp si tratta di piccolo zip da scaricare. All’interno si trova l’eseguibile Xlight.exe che una volta lanciato permette, attraverso un’interfaccia davvero banale la creazione di una serie di server virtuali, la cosa per me interessante però è che ai server posso assegnaer una qualunque porta….

Da qui il gioco è fatto, basta creare un server virtuale sulla porta desiderata ed effettuarci un telnet sopra.. Il server in questione è ancora pià interessante in quanto non si limita ad aprire la sessione, ma rimanda un messaggio di benvenuto direttamente a schermo, il che dimostrerà la bontà o meno della connessione effettuata.

Apakah telnet itu?

Telnet adalah semacam P2k Commander di ponsel-ponsel Motorola lain atau file manager untuk mengeksplor (mengakses) file system. Tidak hanya itu, telnet banyak kegunaannya,  misal mengeksekusi skrip, menjalankan command dan banyak lainnya. Telnet merupakan langkah awal setelah flashing Firmware, serta  harus dipelajari untuk memodifikasi E2.

Amankah bila melakukan telnet?

100% Aman, tidak seperti Flashing yang kalau kita salah jalan, HP bisa matot alias mati total. Alhamdulillah Udah bolak-balik Flashing HP 99% berhasil, tapi pernah 1x (1%) E398 saya mengalami matot kurang-lebih 1 mingguan, namun pada akhirnya E398 saya normal kembali setelah mengalami koma berkepanjangan hoho.. sereem..

Langkah-langkah telnet adalah sebagai berikut.

1. Pada ponsel, Pilih Main Menu -> Settings -> Connection -> USB Settings -> USB Net.

2. Pada PC, pilih Start -> Run -> Ketik cmd dan enter. Jendela Command prompt akan muncul. Koneksikan HP dengan PC melalui kabel data, Windows akan meminta driver.

3. Sekarang kembali ke jendela Command prompt, ketik ipconfig dan enter. Anda akan melihat banyak tulisan, perhatikan ip address-nya. Biasanya sih 192.168.16.1.

4. Selanjutnya ketik telnet ip. Dimana ip adalah ip address yang telah Anda catat di langkah ketiga. Disini Anda harus menambah 1 dari angka terakhir ip di atas. Contohnya 192.168.16.1 menjadi 192.168.16.2. Jadi Anda harus mengetik telnet 192.168.16.2. Enter!

cmd -> enter!

5. Jika sukses, Anda diminta untuk login. Lalu ketikan root. Tapi jangan ditutup dulu Command promptnya.

pass -> root

jika sukses

6. Sekarang di Windows Explorer, pada bagian Go To ketik \\192.168.16.2 jendela baru pun muncul.

explore -> ketik \\192.168.16.2

7. Ya, itulah file system E2! Anda akan melihat banyak folder di dalamnya. Untuk tambahan, folder yang bisa ditulis ulang adalah ezx_user, ezxlocal dan mmc/mmca1 (ini memory card Anda).

Oke selesai, Anda siap memodifikasi ponsel Anda hoo..

Hola a todos, les enseñare a iniciar el servicio de telnet para que puedan manipular su computador mediante una shell desde cualquier lugar con internet….  Primero, deben tener instalado el servicio … la mayoria de los que tienen windows modificado , tipo “Windows UE” vienen sin el servicio instalado, ok, ahora vamos al lado practico.

Primero vamos a iniciar el servicio

Abrimos una shell (CMD), escribimos

net start telnet

Deberia salirnos “El servicio de telnet se esta iniciando” y luego , “el servicio telnet ha sido inciado”, despues que el servicio se haya iniciado podemos conectarnos de la siguiente forma , vamos al cmd de nuevo y escribimos

telnet 127.0.0.1

y deberia aparecernos una pantalla con un mensaje y luego el login, el login debe ser su usuario de windows y su clave,  ES REQUISITO QUE EL USUARIO DE WINDOWS TENGA UNA CLAVE.

Luego que iniciemos con el usuario y el pass le abrira una consola tipo cmd y podemos navegar en nuestro pc como si estuvieramos en un cmd localhost. (Como el famoso ssh)

Ahora les dejo las imagenes.

Telnet

Mas claro imposible, cualquier duda me dejan en los comentarios.

Funniest Blog in the universe: The Best Blog In The Universe.
(http://mcfly.xtreemhost.com come over and get your colons stomped)

Most of the time, it becomes necessary for us to monitor our own computer or a remote computer to keep track of the activities going on. This may be for several reasons. Especially it is most necessary for the parents to monitor their computer to keep track of their children’s activities during their absence. Some people may also require to monitor their computer to keep an eye on the activities of their spouse or partner. Today, with the advancement in the field of the software technology, it’s just a cakewalk to monitor the computer. For this all you have to do is, use a PC Monitoring Software.

But the job doesn’t end here. This is because there exists tons of such monitoring softwares on the market and many times we get confused which to choose and how to use them. So I have decided to make this job simpler for you, by writing this post. In this post I’ll give a detailed information about Computer monitoring softwares which include their features, advantages, installation, usage procedure and so on. To make this post interesting, let’s take up each topic in the form of question and answer.

Funniest Blog in the universe: The Best Blog In The Universe.
(http://mcfly.xtreemhost.com come over and get your colons stomped)

What exactly is a Monitoring Software and how can it help me ?

A computer monitoring software is just like any other software (program) which when installed, secretly monitors each and every activity that takes place on the computer. The activities such as web browsing, chatting, gaming etc. are all recorded and saved. These monitoring softwares can record each and every keystroke. So it is possible to capture usernames and passwords very easily with minimum effort. Monitoring softwares are also commonly known as Keyloggers.

How can I install a monitoring software ?

Installing a monitoring software is too simple. During the installation, you need to setup a secret password and hotkey combination which is required later to see the recorded data ( logs). After the installation is complete the software goes invisible, but keeps running in the background. Whenever you want to see the logs, just press the hotkey combination (ex. Shift+Ctrl+F10). Now a small window will popup asking for a password. Here you need to enter the password that was setup during the installation time. After you enter the password you’ll be able to see all the activities that took place on the computer during your absence.

Funniest Blog in the universe: The Best Blog In The Universe.
(http://mcfly.xtreemhost.com come over and get your colons stomped)

Can the person using the computer come to know about the presence of the Monitoring Software ?

Most of the time it becomes impossible to detect the presence of the monitoring software. This is because, once installed it hides itself from Start menu, Program Files, Control Panel, Task manager etc. Because of it’s stealth behaviour the user can never come to know that he/she is under the presence of monitoring.

Funniest Blog in the universe: The Best Blog In The Universe.
(http://mcfly.xtreemhost.com come over and get your colons stomped)

Which Monitoring Software should I use ?

There exists different flavours of these softwares and you have to choose the one that best match your needs. Here is a list of some of the best monitoring programs that I recommend.

For Monitoring a Local PC:

If you want to monitor a local PC (may be your own PC) then the following program is recommended.

Spy Agent Stealth

For Monitoring a Remote PC (Also works on local PC) :

If you want to monitor a remote PC  you may use the following programs. These programs works for remote PC as well as local PC.

Win-Spy Monitor

Realtime Spy

Keystroke Spy

For Monitoring a Network :

The following program can be used to monitor an Entire Network of computers from one central location. This becomes handy to monitor the staff in a company or students in a school/college.

NetVizor

Funniest Blog in the universe: The Best Blog In The Universe.
(http://mcfly.xtreemhost.com come over and get your colons stomped)

ตอนแรกคิดว่า ms ตัด Telnet ออกไปจาก Windows 7 แต่จริงๆแล้วไม่ใช่ แค่ปิดไว้ชั่วคราว ใครที่จะใช้งาน telnet ให้ทำตามนี้ครับ

1. ไปที่ Control Panel เลือก Programs and features

2. เลือก Turn Windows features on or off ทางเมนูด้านซ้าย

3. จะมีหน้าต่างแสดงรายชื่อ Features ขึ้นมาให้เลือกติ๊กตรง Telnet Client จะเป็นการเปิดใช้งานครับผม

ที่่มา http://www.tech-recipes.com/rx/4230/windows-7-install-the-telnet-client/

Όπως γνωρίζουμε όλες οι συζήτησεις μας στο MSN και σε άλλους messenger δεν είναι καθόλου private.Όλες οι συζητήσεις αποθηκεύονται σε mainframes και τα password που αποστέλονται είναι σε plain text (καθαρό κείμενο) χωρίς καμία κρυπτογράφηση.

Αν θέλουμε λοιπόν να έχουμε μία ασφαλή συνομιλία με τους φίλους μας ή αν έχουμε κάτι να κρύψουμε τότε ίσως είναι μία καλή λύση να σκεφτούμε την περίπτωση να είμαστε εμείς ο server όπου θα γίνει η συνομιλία με αυτόν που θέλουμε.

Πώς μπορούμε να το κάνουμε αυτό?

Υπάρχουν αρκετά διαθέσιμα προγράμματα για αυτήν την δουλειά όπως το STChat που μπορούμε να το βρούμε στην παρακάτω διεύθυνση:

http://sourceforge.net/projects/stchat/

Μόλις το κατεβάσουμε το κάνουμε εξαγωγή στο C:/ και ο φάκελος θα έχει το όνομα stc-0_16.Ανοίγουμε το σημειωματάριο και γράφουμε το ακόλουθο:

@echo off
CD C:/stc-0_16
java stc 22

Το σώζουμε σαν .bat αρχείο και το τρέχουμε.Τώρα για να συνδεθούμε κάνουμε telnet IP 22.Όπου IP είναι η IP μας και 22 είναι το port για τις συνόδους telnet.Δίνοντας την IP μας σε αυτόν που θέλουμε να συνομιλήσουμε και εκτελώντας την ίδια εντολή (telnet) μπορεί να συνδεθεί στον υπολογιστή μας και μέσω telnet να αρχίσουμε να συνομιλούμε.

By default, telnet is enabled to be access by remote logins for a non-root user. To allow a root user to access the telnet remotely you will have to explicitly allow it.

This can be done by commenting the following line in the file /etc/default/login:

# CONSOLE=/dev/console

But please understand the security threat behind this, first telnet is insecure and hence is not suggested method of remote access, instead use SSH. Besides allowing remote login for root via telnet is a big NO NO.

You’ve been warned!

When I discovered the internet some years ago, I started playing text based games on telnet, it gave me the good old feeling of text based adventures on my old C64. Now I found this (thx Ormus), if you like old style ASCII and Star Wars, this is totally yours. Just type

Windows + G

Then “cmd”

At least enter “telnet towel.blinkenlights.nl” and press RETURN

just wait a few seconds and the magic will start.

Who ever this made, I salute to you!

A few equipment loans, and some minor computer assistance circumstances. Pretty smooth morning. A girl should be coming in who had XP installed on her laptop yesterday. For more info on that, refer to the September 15, 12-5 Blog. I spent the morning working on a powerpoint for tlc. Thanks for asking, lol its coming along really well and I should be finished with it tomorrow. Also, if anyone knows anything about telnet and why our firewalls aren’t letting it get through, please call Tara Goering 785-614-3120. Other than that, have a great day!

Configuring telnet in Internet Superserver in Ubuntu 9.04 Jaunty

To install telnet server, you will first need to install the Internet Supserserver, inetd package.

# apt-get install xinetd

Setting up xinetd (1:2.3.14-7ubuntu1) …

* Stopping internet superserver xinetd [ OK ]

* Starting internet superserver xinetd [ OK ]

Check if the xinetd service is running

# ps -ef|grep xinetd

root 8569 1 0 02:48 ? 00:00:00 /usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6

Now install the telnet server package, telnetd

# apt-get install telnetd

Adding user telnetd to group utmp

——— IMPORTANT INFORMATION FOR XINETD USERS ———-

The following line will be added to your /etc/inetd.conf file:

telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd

If you are indeed using xinetd, you will have to convert the

above into /etc/xinetd.conf format, and add it manually. See

/usr/share/doc/xinetd/README.Debian for more information.

Suggested entry (automatically converted using itox):

service telnet

{

socket_type = stream

protocol = tcp

wait = no

user = telnetd

<output truncated for brevity>

telnetd will not be running as it is installed as an Internet Superserver, which means it listens to telnet requests.

Check that telnetd server is included in the /etc/inet.conf file

root@ismail-laptop:~# more /etc/inetd.conf

#<off># ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/proftpd

telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd

Now you need to create the telnetd script in /etc/xinetd.d directory:

# cd /etc/xinetd.d

#vi telnetd

service telnetd

{

disable = no

type = INTERNAL

socket_type = stream

protocol = tcp

user = root

wait = no

}

Restart the xinetd services

# /etc/init.d/./xinetd restart

Also check that you have the in.telnetd files in /usr/sbin

# ls /usr/sbin/ in*

in.proftpd inputattach install-docs install-info install-sgmlcatalog in.telnetd invoke-rc.d

Now telnet to your local machine using a valid user account.

root@ismail-laptop:~# telnet localhost

Trying ::1…

Connected to localhost.

Escape character is ‘^]’.

Ubuntu 9.04

ismail-laptop login: ismail

Password:

Last login: Wed Aug 19 03:02:08 SGT 2009 from localhost on pts/4

Your should be able to telnet using your user account, except root.

To allow root to telnet edit the following file:

# cd /etc/pam.d/

Edit the file called login or remote and mask out the following line:

#auth [success=ok ignore=ignore user_unknown=ignore default=die] pam_securetty.so

Now restart the xinetd services and telnet using root:

# /etc/init.d/./xinetd restart

Ubuntu 9.04

ismail-laptop login: root

Password:

Last login: Wed Aug 19 02:26:06 SGT 2009 from localhost on pts/4

Linux ismail-laptop 2.6.28-13-generic #45-Ubuntu SMP Tue Jun 30 19:49:51 UTC 2009 i686

Last was Wednesday 19,August,2009 03:12:26 AM SGT on pts/4.

root@ismail-laptop:~#

Yes you can now telnet using root account.

]]> http://cciew.wordpress.com/2009/09/09/ssh-telnet-http-at-the-wlc/ Wed, 09 Sep 2009 15:00:42 +0000 cciew http://cciew.wordpress.com/2009/09/09/ssh-telnet-http-at-the-wlc/

To verify if SSH, Telnet, HTTPS or HTTP is allowed to the WLC, please use the command :
(Cisco Controller) >show network summary

RF-Network Name……………………….. CCIE
Web Mode……………………………… Disable
Secure Web Mode……………………….. Enable
Secure Web Mode Cipher-Option High………. Disable
Secure Shell (ssh)…………………….. Enable
Telnet……………………………….. Enable
Ethernet Multicast Mode………………… Disable Mode: Ucast
Ethernet Broadcast Mode………………… Disable
IGMP snooping…………………………. Disabled
IGMP timeout………………………….. 60 seconds
User Idle Timeout……………………… 300 seconds
ARP Idle Timeout………………………. 300 seconds
ARP Unicast Mode………………………. Disabled
Cisco AP Default Master………………… Disable
Mgmt Via Wireless Interface…………….. Disable
Mgmt Via Dynamic Interface……………… Disable
Bridge MAC filter Config……………….. Enable
Bridge Security Mode…………………… EAP
Over The Air Provisioning of AP’s……….. Enable
Apple Talk …………………………… Disable
AP Fallback ………………………….. Enable
–More– or (q)uit
Web Auth Redirect Ports ……………….. 80
Fast SSID Change ……………………… Disabled
802.3 Bridging ……………………….. Disable

To enable/disable SSH :
(Cisco Controller) >config network ssh enable

To enable/disable Telnet :
(Cisco Controller) >config network telnet enable

To enable/disable HTTP :
(Cisco Controller) >config network http enable

To enable/disable HTTPS :
(Cisco Controller) >config network https enable

To prevent that wireless client can configure the WLC :
(Cisco Controller) >config network mgmt-via-wireless disable

To prevent that devices on the same VLAN as the controller can access the management protocols.
(Cisco Controller) >config network mgmt-via-dynamic-interface enable

The management interface is always reachable (Unless you use ACL Filters.) but without any login prompt.