Jump to content

When running the dedicated server or playing a game on one - I see this: "Telnet connection"


Cadamier

Recommended Posts

IP address led me here...

http://stretchoid.com/

Quote

 

Stretchoid is a platform that helps identify an organization's online services.

Sometimes this activity is incorrectly identified by security systems, such as firewalls, as malicious. Our activity is completely harmless. However, if you would prefer that we do not scan your infrastructure, please submit the following information:

 

 

Link to comment
Share on other sites

  • 3 weeks later...

@SylenThunder OPPS!  Alpha 19.6 B8 - Well - weird thing is that I've been seeing this activity for sometime now.  It's almost never by the same IP.  Not knowing much about networking:

 

2021-11-18T21:06:13 4476.275 EXC Unable to write data to the transport connection: An existing connection was forcibly closed by the remote host.
.
SocketException: An existing connection was forcibly closed by the remote host.

 

Seems to tell me that the remote IP in this case "forcibly closed" an 'existing connection.'  Doesn't sound good to me.

 

Whereas this one:

 

2021-11-06T13:19:26 19876.621 ERR Exception in thread TelnetClient_192.241.206.206:56594:
2021-11-06T13:19:26 19876.621 EXC The operation is not allowed on non-connected sockets.
InvalidOperationException: The operation is not allowed on non-connected sockets.
  at System.Net.Sockets.TcpClient.GetStream () [0x00036] in <ae22a4e8f83c41d69684ae7f557133d9>:0 
  at TelnetConnection.Close (System.Boolean kickedForLogins) [0x0001e] in <d15958ecbbfc46c3933d31eb2910c084>:0 
  at TelnetConnection.ThreadEnd (ThreadManager+ThreadInfo _threadInfo, System.Boolean _exitForException) [0x00000] in <d15958ecbbfc46c3933d31eb2910c084>:0 
  at ThreadManager.myThreadInvoke (System.Object _threadInfo) [0x000ab] in <d15958ecbbfc46c3933d31eb2910c084>:0 
UnityEngine.DebugLogHandler:Internal_LogException(Exception, Object)
UnityEngine.DebugLogHandler:LogException(Exception, Object)
UnityEngine.Logger:LogException(Exception, Object)
UnityEngine.Debug:LogException(Exception)
Logger:masterLogException(Exception)
Logger:Exception(Exception)
Log:Exception(Exception)
ThreadManager:myThreadInvoke(Object)
System.Threading.QueueUserWorkItemCallback:System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
System.Threading.ThreadPoolWorkQueue:Dispatch()
System.Threading._ThreadPoolWaitCallback:PerformWaitCallback()
 
(Filename: <ae22a4e8f83c41d69684ae7f557133d9> Line: 0)

2021-11-06T13:19:26 19876.622 INF Exited thread TelnetClient_192.241.206.206:56594

 

Seems to tell me that the connection wasn't allowed at all but they were allowed to try something.  

 

Then as in this case:

2021-11-10T15:54:34 37290.822 INF Telnet connection from: 192.35.168.112:32260
2021-11-10T15:54:34 37290.823 INF Started thread TelnetClient_192.35.168.112:32260

 

NOTE: I'll see the above one a lot - and if a readline exception isn't generated 'soon' I'll exit and shut down the server.  That's IF I catch it.

They're connected for an entire minute before another 'readline error is generated....

 

2021-11-10T15:55:31 37347.807 ERR IOException in ReadLine for TelnetClient_192.35.168.112:32260: Unable to write data to the transport connection: An established connection was aborted by the software in your host machine.
.
2021-11-10T15:55:31 37347.807 EXC Unable to write data to the transport connection: An established connection was aborted by the software in your host machine.
.
SocketException: An established connection was aborted by the software in your host machine.

  at System.Net.Sockets.Socket.Send (System.Byte[] buffer, System.Int32 offset, System.Int32 size, System.Net.Sockets.SocketFlags socketFlags) [0x00016] in <ae22a4e8f83c41d69684ae7f557133d9>:0 
  at System.Net.Sockets.NetworkStream.Write (System.Byte[] buffer, System.Int32 offset, System.Int32 size) [0x0009b] in <ae22a4e8f83c41d69684ae7f557133d9>:0 
Rethrow as IOException: Unable to write data to the transport connection: An established connection was aborted by the software in your host machine.
.
  at System.Net.Sockets.NetworkStream.Write (System.Byte[] buffer, System.Int32 offset, System.Int32 size) [0x000e2] in <ae22a4e8f83c41d69684ae7f557133d9>:0 
  at System.IO.Stream.WriteByte (System.Byte value) [0x0000b] in <567df3e0919241ba98db88bec4c6696f>:0 
  at TelnetConnection.HandlerThread (ThreadManager+ThreadInfo _tInfo) [0x001a2] in <d15958ecbbfc46c3933d31eb2910c084>:0 
UnityEngine.DebugLogHandler:Internal_LogException(Exception, Object)
UnityEngine.DebugLogHandler:LogException(Exception, Object)
UnityEngine.Logger:LogException(Exception, Object)
UnityEngine.Debug:LogException(Exception)
Logger:masterLogException(Exception)
Logger:Exception(Exception)
Log:Exception(Exception)
TelnetConnection:HandlerThread(ThreadInfo)
ThreadManager:myThreadInvoke(Object)
System.Threading.QueueUserWorkItemCallback:System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
System.Threading.ThreadPoolWorkQueue:Dispatch()
System.Threading._ThreadPoolWaitCallback:PerformWaitCallback()
 
(Filename: <ae22a4e8f83c41d69684ae7f557133d9> Line: 0)

 

Like I said - donno about telnet connections, but it is 'weird' in a bad way that 'people' are trying to connect; and apparently some are allowed to connect.  I've no doubt that some of this would be considered 'normal' but not all of it.  You have anymore info?  FYI: I only scanned a few logs for the above - so I don't doubt that anyone that runs a dedi would see these in their logs if they looked.  Also windows note pad doesn't seem to do the search function that well - and probably pasting to word would help in that respect.  @SylenThunder Thank you for your time and effort!

Link to comment
Share on other sites

If you have a telnet port open to the world hackers will try to get in. Simple as that.

 

The initial handshake is done with normal ASCII text. If someone sends non-ascii characters before password negotiation or for the password it should be possible to generate exceptions and have the server abort the communication instead of just saying "wrong password".

This is only a guess though, I don't have much experience with the log entries generated by the telnet server in 7D2D

 

Generally, if you can avoid opening telnet to the world, do it. If you need telnet it would be better to have it only listen on the loopback device (i.e. you can connect to the port only if you are on the same machine). To use telnet you would have to first login to the machine by any **secure** method, then start a telnet client or a script using telnet locally

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...