I understand that Telnet is a protocol as much as HTTP. I have this notion that after the initial TCP connection is made the Telnet client would send some telnet specific code over to the server on the other side in this case a HTTP server. But since HTTP server doesn't understand Telnet specific codes it should throw an error or drop the connection etc. But in reality we can telnet to a HTTP server and fetch pages if we type in correct HTTP headers and send them. How can it be like that? Wikipedia entry really didn't help me to understand this specific point. (http://en.wikipedia.org/wiki/Telnet#Telnet_data)
Telnet is just an easy interactive way to open a TCP connection to a listening socket. Because the telnet client blindly sends what you type to that socket, it can theoretically emulate any other protocol on top of TCP. Actually the fact that non printable chars are interpreted by the keyboard driver is the only limit.
HTTP does not use non printable chars except to delimit between the HTTP header and the body with two consecutive "line breaks" (i.e. a "blank line").
Please note that I'm not talking about the HTML body tag here, but the payload (e.g SOAP body).
No magic here basically.
Let's see the dynamic of things.
HTTP supports a number of commands like GET, POST, PUT etc...
Each command has its syntax and there is an associated response with an agreed upon syntax and well defined error codes.
When you connect to an HTTP server using telnet, you open the socket connection and the server forks a thread to manage the dialog with your client. You can then mimic a browser by typing the command that the browser would send. Each time you strike the CR key, the client submits the line to the server. If a command contains several lines, you can enter several lines, each of them corresponding to a line of the command header. Once you strike two CR in a row (i.e. an empty line), the command header is deemed complete by the server and the response is put together and sent back to your client. Because a telnet client's life goal is to echo received characters (unless told otherwise), then you can see the response header and body on your terminal window. Telnet stops there. A browser would render the HTML (if the response is an HTML page).
I hope that clarifies it all.
You are right in saying that telnet is its own protocol, which is described in a couple of RFC's. You can take a look at wikipedia to see which ones exactly and some other resources that explain the protocol.
Basically it works like this: when you use telnet to connect to a server, it will show every printable character the server sends to you. And everything you type will be sent back to the server. This is how you can retrieve web pages when connecting to a web server: you send a command that a http server accepts and get the correct result.
Now, there are a few telnet specifics option. IIRC, you won't send them to the server unless the server sends them first. Those options are used to enable/disable local echo (think about passwords, you don't want those visible when logging in), negotiate terminal size, negotiate end of line type. Those are commands that are a few bytes long and start with byte 255 (called IAC, interpret as command). When you connect to a telnet server, your client will interpret those and reply accordingly, all automatically in the background, without showing you those commands.
Although not specific to telnet, a telnet server can also send ANSI escape sequences. Those are used for colors, bold, cursor positioning, ... A telnet client will also interpret those (or just pass them on to the terminal emulator you're using, like xterm).
If you want something "lower-level" than telnet, which won't interpret telnet options and actually display what you get, you may want to take a look at netcat
You can query a http server using telnet, I often do as a quick and nasty test
telnet doesnt send any codes. it just makes the connection, but there are telnet specific codes you can send if you require
do this...
telnet server.com 80
GET http/1.0 /^m
host: server.com^m
^m
... servers response
^m = enter key
I have done this is done in linux in windows it may be different.
DC
Related
I am using Telnet on an Ubuntu 18.04 Server being accessed via SSH. I log into the email server being set up that uses PostFix and DoveCot, to test if the "phil#xxxxxxx.com" mail account is working.
This is the exchange:
root#xxxxxxx:/var/log# telnet xxxxxxx.com 110
Trying 2600:3c01::f03c:92ff:fe93:5fa0... Connected to xxxxxxx.com.
Escape character is '^]'. +OK Dovecot (Ubuntu) ready.
USER phil +OK
PASS fakepassword
-ERR [AUTH] Authentication failed.
I'm not trying to solve the entire mystery here, but just wanted to check on whether this is a valid use of Telnet. A website about using Telnet states the following:
However, you should note that Telnet is not encrypted. Most public
internet services, such as Google or Yahoo, require an encrypted
connection—which isn't supported by Telnet.
Is this a situation were the lack of encryption might contribute to the authentication failure? I'm guessing not, since I'm not going through a browser. I just wanted to verify that if everything was set up right, this would be a valid way to test the email account.
Yes, you can use telnet for protocol exploration. POP3 in this case is text based and not wrapped in TLS, so it works out without any other advanced tools (eg openssl).
That said you will want to familiarize yourself with the POP3 AUTH exchange, which is probably not going to accept credentials in cleartext these days. (If this were 1999, different story.)
https://ietf.org/rfc/rfc1939.txt
You might consider using an actual email program (MUA in the parlance) to negotiate the connection, in tandem with a protocol sniffer like wireshark to see how the exchange works.
so i started to work in this summer and the first task they have given to me is to use wireshark to understand why an application that uses webRTC doesn't use the turn server.
Can you guys help me out, to understand which steps should i do to understand better where is the problem.
I already run the wireshark and only get protocols STUN, that bind to a UDP connection.
TURN is a STUN extension so you will only see STUN packets in Wireshark.
You can easily test WebRTC+TURN in isolation using this sample from the WebRTC project. Remove the default stun server and add the url and credentials for your own TURN server.
Fire up wireshark, start capturing.
Click the "gather candidates" button on that page. You should see candidates with host type at least. You should, if the browser can reach the TURN server usually also see candidates with a srflx type.
If the TURN server is working and your credentials are valid, then you will get candidates with type relay. But you probably wouldn't be asking then.
Now go back to wireshark. Set the display filter to 'stun'. You should see some packets sent to the ip address of the TURN server. Right-click on one of them, 'follow' and 'udp stream'. That should show you all the packets between the browser and the TURN server.
You should be seeing binding requests (message_type=0x01) as well as binding success responses (message_type=0x101) from the server. If you don't see those, your turn server is not responding or something is blocking the client. You will also not get srflx candidates on the candidate gathering demo page.
You should also see packets wireshark interprets as 'allocate request udp' (the message type is 0x101). These are the important ones for TURN.
You should see an error from the TURN server with a message type 0x113 and an error code 401 (unauthorized) because in the first packets, there is no username attribute. In response to those the browser will start sending allocate requests that contain both a username and a message-integrity.
If things go well, those should be answered with an allocate success response (message type=0x103) indicating a xor-relayed-address.
If not and you see more 401 errors that usually means your username and password is wrong.
You might also find the articles on using wireshark to reverse-engineer Amazon Mayday and Whatsapp on WebRTChacks useful -- both use Wireshark.
The WebRTC project has some notes on Wireshark, too.
Basically, I want to check to see if a game server is online/offline but the server is hosted through a port, how would I go about pinging it to check this. For testing purposes the server I want to ping is fr7.mooshroom.net:25667, however eventually I will be importing the server IP and port from an online plist so could the ip address and port be separated
If you could give me a step by step guide on how to do this, that would be much appreciated.
I am using the Reachability by tonymillion because the apple one doesnt work with iOS 5.
First, it depends on if you are talking about TCP or UDP.
If it's TCP, then the answer may be simple: try to open a TCP connection to the server at that port. If the connection opens, drop the connection and report success. Otherwise, failure. This is the simplistic view. It's possible if there are load balancers or firewalls in front of the server, the TCP connection may open but the backend server is down.
UDP would be harder. There is no way to know when you send UDP data that the server got the data unless it sends you some kind of response. It's possible that if the UDP server is down and you sent a message to the port, your computer might get an ICMP Error message back. That would definitely let you know the server is down. But firewalls may block this message getting back to your device, so that might not be reliable.
Otherwise, you need to send a properly formatted message to the server to get some kind of response. This is protocol-dependent but is the most reliable.
The traditional "ping" message is an ICMP echo query and response message. As such, there is no "port" associated with ICMP.
I have observed a different behaviour between netcat and telnet when connecting to the public route server bgp-view.tvnetwork.hu and issuing the command show ip bgp.
Using Telnet the output (which is normally some tens of thousands lines long) is truncated and in order to view it all you have to press space or enter to continue (like the man pages). When I connect with netcat it just starts dumping all the output and after the first few hundred lines it hangs. Even if I state explicitly that I want to pause after the first 100 lines using the command terminal length 100 netcat doesn't change behaviour.
Do you have any idea why this happens and how it can be resolved?
My OS is ubuntu 10.4 and the route server runs Quagga (version 0.99.5). With other type of routers (cisco or juniper) that problem doesn't appear.
Thank you.
ps. I wanted to tag the question as route-server but I cannot create new tags :(
EDIT:
The problem is that netcat doesn't negotiate window size (see my answer bellow). Netcat's -t parameter is used to negotiate telnet options but it replies with negations (DON'T or WON'T) so the question is how to make netcat to negotiate telnet options. Maybe I'll post a new question for this matter.
I found a similar discrepancy with SSH 1.5, on juniper routers. When I was implementing a network topology tool, I had to use two different SSH libraries in Java to get things to work. I never completely diagnosed the problem, but it looked like there was an issue with how one of my libraries was handshaking, as opposed to how the ssh server on the router was expecting things to be done. For this case, my connections were just being dropped. I had to use four libraries to support three protocols : telnet, ssh 1.5 and ssh 2.0.
I would not be surprised at all if this is a router specific issue. Unfortunately, I don't have any useful suggestions for you other than to try a different library or program to accomplish your goals. If you feel like troubleshooting the actual issue, you could watch the packets go through.
Thanks,
-Brian-
OK, mystery solved with wireshark.
The problem was the negotiation of telnet options.
The server requests from the telnet client "Do Negotiate About Window Size" but the client wasn't negotiating and even with the -t option netcat replies "Won't Negotiate About Window Size".
I created a java telnet client with the apache commons library to negotiate about the window size using the WindowSizeOptionHandler() constructor and it works fine. Now I just have to find how to do it with netcat.
I am deploying a mod_wsgi application on top of Apache, and have a client program that uses Curl.
On the CURL api on the user side, I have it attempt to reuse connection, but looking at the connections from wireshark, I see that for every HTTP request/response, a new connection is made.
At the end of every HTTP request, the HTTP response header has "Connection: Close"
Is this the same as Keep-Alive? What do I need to do on the Apache/Mod_wsgi side to enable connection re-use?
You would not generally need to do anything to Apache as support for keep alive connections would normally be on by default. Look at the KeepAlive directive in Apache configuration to work out what it is set to.
On top of that, for keep alive connections to work the WSGI application must be setting a content length in the response, or returning a list for the response where the list contains only a single string. In this latter case mod_wsgi will automatically add a content length for the response. The response would generally also need to be a successful response as most error responses would cause connection to be closed regardless.
Even having done all that, the issue is whether the ability of curl to fetch multiple URLs even makes use of keep alive connections. Obviously separate invocations of curl will not be able to, so that you are even asking this questions suggests you are trying to use that feature of curl. Only other option would be if you were using a custom client linked to libcurl and using its library and so you meant libcurl.
Do note that if access to Apache is via a proxy, the proxy may not implement keep alive and so stop the whole mechanism from working.
To give more information, need to know about how you are using curl.