Service Security

Since a port number can be specified on the command line, telnet clients can be used to connect to arbitrary ports on Solaris servers. This makes a telnet client a useful tool for testing whether services that should have been disabled are actually still active. For example, you can interactively issue commands to an FTP server on port 21 this way:

$ telnet server 21
Trying 172.16.1.1...
Connected to server.
Escape character is '^]'.
220 server FTP server (UNIX(r) System V Release 4.0) ready.

And on a sendmail server on port 25:

$ telnet server 25
Trying 172.16.1.1...
Connected to server.
Escape character is '^]'.
220 server ESMTP Sendmail 8.9.1a/8.9.1; Mon, 22 Nov 1999 14:31:36 +1100 (EST)

Interactive testing of this kind has many uses. If we telnet to port 80 on a server, we are usually connected to a web server, where we can issue interactive commands using the Hypertext Transfer Protocol (HTTP). For example, to GET the default index page on a server, we could type GET index.html:

$ telnet server 80
Trying 172.16.1.1...
Connected to server.
Escape character is '^]'.
GET index.html
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>Server</TITLE></HEAD>
<h1>Welcome to server!</h1>

This technique is useful when testing proxy server configurations for new kinds of HTTP clients (for example, a HotJava browser). It can also be run from a script to check whether the web server is active and serving the expected content.
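The checks above can be scripted as follows. This is an added example, not code from the original text: it connects to each port the way the telnet client does, reports services that answer when they should be disabled, and verifies that the web server returns the expected content. The function names, the policy layout and the HTTP/1.0 request line are assumptions made for the example.

```python
import socket
import sys

HTTP_GET = b"GET / HTTP/1.0\r\n\r\n"  # assumption: HTTP/1.0 request for the default page

def probe(host, port, send=None, timeout=3.0):
    """Connect as `telnet host port` would. Returns None if nothing accepts the
    connection, otherwise the text received ("" for an open but silent port)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:                  # refused, unreachable, timed out
        return None
    chunks = []
    with sock:
        try:
            if send:
                sock.sendall(send)
            while True:
                data = sock.recv(4096)
                if not data:
                    break
                chunks.append(data)
                if send is None:     # greeting banner: the first read is enough
                    break
        except OSError:              # read timeout or reset: keep what arrived
            pass
    return b"".join(chunks).decode("latin-1")

def audit(host, policy):
    """policy maps port -> (should_be_open, request_bytes, expected_text)."""
    findings = []
    for port, (should_be_open, request, expected) in sorted(policy.items()):
        reply = probe(host, port, request)
        if reply is None:
            if should_be_open:
                findings.append((port, "DOWN: expected service is not answering"))
        elif not should_be_open:
            findings.append((port, "OPEN: should be disabled, sent %r" % reply[:60]))
        elif expected and expected not in reply:
            findings.append((port, "CONTENT: expected text not in response"))
    return findings

if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    # Constructed policy: FTP and SMTP should be off, the web server should be up.
    policy = {21: (False, None, None), 25: (False, None, None),
              80: (True, HTTP_GET, "Welcome to server!")}
    results = audit(host, policy)
    for port, message in results:
        print("%s:%d %s" % (host, port, message))
    sys.exit(1 if results else 0)
```

The script exits with a non-zero status when any finding is reported, so it can be run from cron or a monitoring job against a host you administer.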



Part I: Solaris 9 Operating Environment, Exam I