[lug] Socket Error

D. Stimits stimits at idcomm.com
Thu Aug 23 16:29:22 MDT 2001 

David wrote:
> 
> > Someone else mentioned use of telnet to test for service. If you telnet
> > to the X11 port, and it is summarily dropped, without any connection at
> > all, versus having a connection and then being rejected after typing in
> > some nonsense, you will know whether it is lack of tcp/ip or if it is
> > authentication. The port you are interested in is 6000 (also good to
> > monitor with tail -f /var/log/messages, plus the X11 log itself,
> > /var/log/XFree86.0.log). Simply try (adjust localhost or ip address):
> > telnet localhost 6000
> This is what I got.  Nothing in messages (except see at the end)
> 
> Rednose dajo ~ telnet localhost 6000
> Trying 127.0.0.1...
> Connected to localhost.localdomain.
> Escape character is '^]'.
> garbage        <- I type
> garbage        <- it gives
> more garbage   <- I type
> more garbage   <- it gives
> Connection closed by foreign host.
> Rednose dajo ~
> 
> > Does it allow you to connect and type nonsense, or does it drop you
> > without the ability to connect at all? Summarily dropping you indicates
> > nothing is listening for tcp/ip there. Allowing you in but dropping you
> > after typing nonsense indicates you are likely working with
> > authentication failure. Authentication is a big can of worms, but you
> > can try this for each host (use command line so it isn't permanent) you
> > might need the X display to allow connections from:
> > xhost +
> > (without any url after the '+' should open it to all)
> > Alternatively:
> > xhost +127.0.0.1
> > (or adjust to a real outside address...can do more than one)
> >
> > D. Stimits, stimits at idcomm.com
> 
> Boy, I really thought that you were on to something, but it does not
> work.
> Rednose dajo ~ xhost
> access control enabled, only authorized clients can connect
> INET:localhost.localdomain
> INET:Rednose.Anthrax
> 
> Extra bit:
> I did get two kernel messages (two more literally while I was typing
> this).  I do not know what all the fields are; are these "enquiries"
> from "friends" on the net?
> Aug 23 13:29:14 Rednose pppd[1785]: Connect: ppp0 <--> /dev/modem
> Aug 23 13:29:29 Rednose pppd[1785]: local  IP address 216.17.156.54
> Aug 23 13:29:29 Rednose pppd[1785]: remote IP address 216.17.156.226
> Aug 23 14:09:46 Rednose ipchains: Flushing all current rules and user defined chains: succeeded
> Aug 23 14:09:46 Rednose ipchains: Clearing all current rules and user defined chains: succeeded
> Aug 23 14:09:46 Rednose ipchains: Applying ipchains firewall rules succeeded
> Aug 23 14:20:05 Rednose kernel: Packet log: input REJECT ppp0 PROTO=6 216.17.175.194:4618 216.17.156.54:113 L=60 S=0x00 I=39517 F=0x4000 T=58 SYN (#4)
> Aug 23 14:35:11 Rednose kernel: Packet log: input REJECT ppp0 PROTO=6 216.17.175.194:1472 216.17.156.54:113 L=60 S=0x00 I=36919 F=0x4000 T=58 SYN (#4)
> Aug 23 14:48:16 Rednose kernel: Packet log: input REJECT ppp0 PROTO=6 211.161.246.245:4261 216.17.156.54:8080 L=48 S=0x00 I=3024 F=0x4000 T=109 SYN (#4)
> Aug 23 14:48:18 Rednose kernel: Packet log: input REJECT ppp0 PROTO=6 211.161.246.245:4261 216.17.156.54:8080 L=48 S=0x00 I=3125 F=0x4000 T=109 SYN (#4)
> 
> dajo
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug


Port 113 is auth port (ident). Your system is requiring auth port be
open, and apparently the machine doing the connection does not run
auth/ident. You can configure it to not dump machines without identd
running, but I can't find out what the requirement is at the
moment...have to run.

D. Stimits, stimits at idcomm.com

More information about the LUG mailing list