[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: tcp connection

On Wed, 21 Jun 2000, Chris Wagner wrote:
>At 02:25 PM 6/20/00 +0200, Russell Coker wrote:
>>They don't use NVT.  The TELNET protocol is not running on (for example) a
>>web server.
>Yeah but the NVT settings have to be negotiated for each side to talk to
>each other.  If I telnet to an Apache webserver on port 80, my telnet is

No they don't.  If the server doesn't start NVT negotiation then nothing

>going to negotiate NVT with whatever's on the other end.  Both sides have to
>agree to establish the connection.  Therefore, either Apache or something
>below Apache in the stack has to know about NVT.  Otherwise Apache would
>tell me to go take a flying leap if I tried to telnet to it.  What is my
>telnet client negotiating with in this case???

Telnet client negotiates nothing.  Text you type is sent, but "\n" is
replaced by "\r\n".  Text that is received is just displayed as-is.

As an experiment to find out how hard it would be for you to determine this
without asking the list I timed myself.  I determined that in 121 seconds by
running strace(1) on telnet.
I tried using ltrace(1) to determine the same information, but after 149
seconds I realised that it was not the right tool and would not be able to
provide me with the information.  Ltrace displays the values of pointers
instead of the data it referrs to.  I could have used "-S" which might have
been more useful, but there's no point when strace(1) is available.

Then I decided to solve it properly.  Firstly I read rfc854 and rfc855 (the
base RFCs on TELNET) which didn't clarify this issue.  Then I put a telnet
daemon on port 23 and straced a telnet connection to it.  The telnet client
started with sending a sequence of NVT protocol commands to it which were
responded to.  Then I put the telnet daemon on port 1000 and repeated the
test, this time the telnet client didn't start sending any NVT commands until
after it had received some (the server had shown itself to be a NVT protocol
server not a web server or whatever else I may have chosen to run on that
port).  NVT is totally bi-directional so it could run either way.  This took
me 821 seconds.

Chris, most people here would not be able to do what I just did.  However I
believe that you are able to do everything I did (although it may have taken
you a bit longer).  I think that you should be answering questions of that
nature not asking them.

I often see questions that I don't know the answer to, and research them for
the benefit of the person who asked and everyone else on the list.  It is a
great way to learn about things if you've got some spare time.  This is why I
think that you should have researched and answered if someone else had asked
the question.

Russell Coker

Reply to: