On Wed, 21 Jun 2000, Chris Wagner wrote:
>At 02:25 PM 6/20/00 +0200, Russell Coker wrote:
>>They don't use NVT. The TELNET protocol is not running on (for example) a
>>web server.
>
>Yeah but the NVT settings have to be negotiated for each side to talk to
>each other. If I telnet to an Apache webserver on port 80, my telnet is

No they don't. If the server doesn't start NVT negotiation then nothing happens.

>going to negotiate NVT with whatever's on the other end. Both sides have to
>agree to establish the connection. Therefore, either Apache or something
>below Apache in the stack has to know about NVT. Otherwise Apache would
>tell me to go take a flying leap if I tried to telnet to it. What is my
>telnet client negotiating with in this case???

Telnet client negotiates nothing. Text you type is sent, but "\n" is replaced by "\r\n". Text that is received is just displayed as-is.

As an experiment to find out how hard it would be for you to determine this without asking the list I timed myself. I determined that in 121 seconds by running strace(1) on telnet.

I tried using ltrace(1) to determine the same information, but after 149 seconds I realised that it was not the right tool and would not be able to provide me with the information. Ltrace displays the values of pointers instead of the data they refer to. I could have used "-S" which might have been more useful, but there's no point when strace(1) is available.

Then I decided to solve it properly. Firstly I read rfc854 and rfc855 (the base RFCs on TELNET) which didn't clarify this issue. Then I put a telnet daemon on port 23 and straced a telnet connection to it. The telnet client started with sending a sequence of NVT protocol commands to it which were responded to. Then I put the telnet daemon on port 1000 and repeated the test; this time the telnet client didn't start sending any NVT commands until after it had received some (the server had shown itself to be an NVT protocol server not a web server or whatever else I may have chosen to run on that port). NVT is totally bi-directional so it could run either way. This took me 821 seconds.

Chris, most people here would not be able to do what I just did. However I believe that you are able to do everything I did (although it may have taken you a bit longer).

I think that you should be answering questions of that nature not asking them. I often see questions that I don't know the answer to, and research them for the benefit of the person who asked and everyone else on the list. It is a great way to learn about things if you've got some spare time. This is why I think that you should have researched and answered if someone else had asked the question.

Russell Coker
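
The behaviour described in this message can be checked on captured bytes. The following is an added example, not part of the original post and not code from any telnet client: it separates RFC 854 command sequences (introduced by the IAC byte, 255) from plain data. The function names, the port rule in `client_should_negotiate` (which only models the observation reported above) and both sample byte strings are constructed for illustration.

```python
# Telnet command bytes from RFC 854 / RFC 855.
IAC, SB, SE = 255, 250, 240
VERBS = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}

def split_telnet(data: bytes):
    """Split a received byte stream into (plain_data, negotiation_commands)."""
    plain, commands, i = bytearray(), [], 0
    while i < len(data):
        if data[i] != IAC:              # ordinary data byte, displayed as-is
            plain.append(data[i])
            i += 1
            continue
        if i + 1 >= len(data):          # lone trailing IAC: incomplete command
            break
        cmd = data[i + 1]
        if cmd == IAC:                  # IAC IAC is an escaped literal 0xFF
            plain.append(IAC)
            i += 2
        elif cmd in VERBS:              # IAC WILL/WONT/DO/DONT <option>
            if i + 2 >= len(data):
                break
            commands.append((VERBS[cmd], data[i + 2]))
            i += 3
        elif cmd == SB:                 # subnegotiation runs until IAC SE
            end = data.find(bytes([IAC, SE]), i + 2)
            if end == -1:
                break
            commands.append(("SB", data[i + 2]))
            i = end + 2
        else:                           # other two-byte commands (NOP, GA, ...)
            commands.append((f"CMD{cmd}", None))
            i += 2
    return bytes(plain), commands

def client_should_negotiate(port: int, received: bytes) -> bool:
    """Model of the observation in the post (an assumption, not client source):
    negotiate at once on port 23, otherwise only after the peer sends commands."""
    return port == 23 or bool(split_telnet(received)[1])

def to_wire(typed: str) -> bytes:
    """Typed text as sent to a non-Telnet service: "\\n" becomes "\\r\\n"."""
    return typed.replace("\n", "\r\n").encode("ascii")

# Constructed samples: a telnetd-style greeting (DO TERMINAL-TYPE, DO
# TERMINAL-SPEED, WILL ECHO, then a prompt) and a web server reply.
TELNETD_GREETING = bytes([255, 253, 24, 255, 253, 32, 255, 251, 1]) + b"login: "
HTTP_REPLY = b"HTTP/1.1 400 Bad Request\r\n\r\n"

if __name__ == "__main__":
    for name, blob in (("telnetd", TELNETD_GREETING), ("httpd", HTTP_REPLY)):
        print(name, split_telnet(blob), client_should_negotiate(1000, blob))
```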