Cadamier Posted October 30, 2021 Share Posted October 30, 2021 So does this - in the image - mean that's someone's trying to telnet into my server? At the current/image time - I was 'building the world.' I've seen it also when I am playing on it. Link to comment Share on other sites More sharing options...
SylenThunder Posted October 30, 2021 Share Posted October 30, 2021 IP address led me here... http://stretchoid.com/ Quote Stretchoid is a platform that helps identify an organization's online services. Sometimes this activity is incorrectly identified by security systems, such as firewalls, as malicious. Our activity is completely harmless. However, if you would prefer that we do not scan your infrastructure, please submit the following information: Link to comment Share on other sites More sharing options...
Cadamier Posted November 19, 2021 Author Share Posted November 19, 2021 @SylenThunder OPPS! Alpha 19.6 B8 - Well - weird thing is that I've been seeing this activity for sometime now. It's almost never by the same IP. Not knowing much about networking: 2021-11-18T21:06:13 4476.275 EXC Unable to write data to the transport connection: An existing connection was forcibly closed by the remote host. . SocketException: An existing connection was forcibly closed by the remote host. Seems to tell me that the remote IP in this case "forcibly closed" an 'existing connection.' Doesn't sound good to me. Whereas this one: 2021-11-06T13:19:26 19876.621 ERR Exception in thread TelnetClient_192.241.206.206:56594: 2021-11-06T13:19:26 19876.621 EXC The operation is not allowed on non-connected sockets. InvalidOperationException: The operation is not allowed on non-connected sockets. at System.Net.Sockets.TcpClient.GetStream () [0x00036] in <ae22a4e8f83c41d69684ae7f557133d9>:0 at TelnetConnection.Close (System.Boolean kickedForLogins) [0x0001e] in <d15958ecbbfc46c3933d31eb2910c084>:0 at TelnetConnection.ThreadEnd (ThreadManager+ThreadInfo _threadInfo, System.Boolean _exitForException) [0x00000] in <d15958ecbbfc46c3933d31eb2910c084>:0 at ThreadManager.myThreadInvoke (System.Object _threadInfo) [0x000ab] in <d15958ecbbfc46c3933d31eb2910c084>:0 UnityEngine.DebugLogHandler:Internal_LogException(Exception, Object) UnityEngine.DebugLogHandler:LogException(Exception, Object) UnityEngine.Logger:LogException(Exception, Object) UnityEngine.Debug:LogException(Exception) Logger:masterLogException(Exception) Logger:Exception(Exception) Log:Exception(Exception) ThreadManager:myThreadInvoke(Object) System.Threading.QueueUserWorkItemCallback:System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() System.Threading.ThreadPoolWorkQueue:Dispatch() System.Threading._ThreadPoolWaitCallback:PerformWaitCallback() (Filename: <ae22a4e8f83c41d69684ae7f557133d9> Line: 0) 2021-11-06T13:19:26 19876.622 INF Exited thread TelnetClient_192.241.206.206:56594 Seems to tell me that the connection wasn't allowed at all but they were allowed to try something. Then as in this case: 2021-11-10T15:54:34 37290.822 INF Telnet connection from: 192.35.168.112:32260 2021-11-10T15:54:34 37290.823 INF Started thread TelnetClient_192.35.168.112:32260 NOTE: I'll see the above one a lot - and if a readline exception isn't generated 'soon' I'll exit and shut down the server. That's IF I catch it. They're connected for an entire minute before another 'readline error is generated.... 2021-11-10T15:55:31 37347.807 ERR IOException in ReadLine for TelnetClient_192.35.168.112:32260: Unable to write data to the transport connection: An established connection was aborted by the software in your host machine. . 2021-11-10T15:55:31 37347.807 EXC Unable to write data to the transport connection: An established connection was aborted by the software in your host machine. . SocketException: An established connection was aborted by the software in your host machine. at System.Net.Sockets.Socket.Send (System.Byte[] buffer, System.Int32 offset, System.Int32 size, System.Net.Sockets.SocketFlags socketFlags) [0x00016] in <ae22a4e8f83c41d69684ae7f557133d9>:0 at System.Net.Sockets.NetworkStream.Write (System.Byte[] buffer, System.Int32 offset, System.Int32 size) [0x0009b] in <ae22a4e8f83c41d69684ae7f557133d9>:0 Rethrow as IOException: Unable to write data to the transport connection: An established connection was aborted by the software in your host machine. . at System.Net.Sockets.NetworkStream.Write (System.Byte[] buffer, System.Int32 offset, System.Int32 size) [0x000e2] in <ae22a4e8f83c41d69684ae7f557133d9>:0 at System.IO.Stream.WriteByte (System.Byte value) [0x0000b] in <567df3e0919241ba98db88bec4c6696f>:0 at TelnetConnection.HandlerThread (ThreadManager+ThreadInfo _tInfo) [0x001a2] in <d15958ecbbfc46c3933d31eb2910c084>:0 UnityEngine.DebugLogHandler:Internal_LogException(Exception, Object) UnityEngine.DebugLogHandler:LogException(Exception, Object) UnityEngine.Logger:LogException(Exception, Object) UnityEngine.Debug:LogException(Exception) Logger:masterLogException(Exception) Logger:Exception(Exception) Log:Exception(Exception) TelnetConnection:HandlerThread(ThreadInfo) ThreadManager:myThreadInvoke(Object) System.Threading.QueueUserWorkItemCallback:System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() System.Threading.ThreadPoolWorkQueue:Dispatch() System.Threading._ThreadPoolWaitCallback:PerformWaitCallback() (Filename: <ae22a4e8f83c41d69684ae7f557133d9> Line: 0) Like I said - donno about telnet connections, but it is 'weird' in a bad way that 'people' are trying to connect; and apparently some are allowed to connect. I've no doubt that some of this would be considered 'normal' but not all of it. You have anymore info? FYI: I only scanned a few logs for the above - so I don't doubt that anyone that runs a dedi would see these in their logs if they looked. Also windows note pad doesn't seem to do the search function that well - and probably pasting to word would help in that respect. @SylenThunder Thank you for your time and effort! Link to comment Share on other sites More sharing options...
meganoth Posted November 20, 2021 Share Posted November 20, 2021 If you have a telnet port open to the world hackers will try to get in. Simple as that. The initial handshake is done with normal ASCII text. If someone sends non-ascii characters before password negotiation or for the password it should be possible to generate exceptions and have the server abort the communication instead of just saying "wrong password". This is only a guess though, I don't have much experience with the log entries generated by the telnet server in 7D2D Generally, if you can avoid opening telnet to the world, do it. If you need telnet it would be better to have it only listen on the loopback device (i.e. you can connect to the port only if you are on the same machine). To use telnet you would have to first login to the machine by any **secure** method, then start a telnet client or a script using telnet locally Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now