COMMAND

    telnetd

SYSTEMS AFFECTED

    Win NT

PROBLEM

    Yiorgos Adamopoulos  found following.   With the  NT Resourse  Kit
    there comes a ``telnetd''  application which is unsupported  SW by
    MS.  However, it  is a handy utility  and many of you  may have it
    installed.  However,  this telnetd has so much bugs so you  better
    remove that.  If you want to apply it (?) go to:

        ftp://ftp.microsoft.com/bussys/winnt/winnt-public/reskit/nt40/telnetd/

    Running ``strobe'' on the machine causes the service to stop
    functioning with messages at the console that ``the memory could
    not be written''.

    It is assumed this happens when a program opens and closes port 23
    (telnet) on  the server  without doing  anything else.   Here is a
    Perl script to test this if you do not have ``strobe'' (which is a
    fine port scanner by the way):

        #!/usr/local/bin/perl
        use Socket;

        $host = shift || "ntserver";
        $port = shift || 23;

        $in_addr = (gethostbyname($host))[4] || die;
        $addr = sockaddr_in($port,$in_addr) || die;
        $proto = getprotobyname('tcp') || die;
        socket(S, AF_INET, SOCK_STREAM, $proto) || die;
        connect(S,$addr) || die;
        close S;
        __END__

    The script  takes as  an argument  the DNS  (Internet) name of the
    server you  want to  shoot.   Also note  that running  this script
    results to closing any active telnet connection(s) to the machine.
    After  running  it,  if  you  look  at the ``Serices'' window from
    ``Control Panel'' you'll see that the (Inbound) telnetd service is
    stopped!

    'kastl' posted following.  Open  any telent session and then  kill
    the telnet client at the workstation (don't type "exit", just  use
    Alt+F4).  This causes  telnetd to die.   One problem with this  is
    that it pops up an error message on the server console.  The other
    problem is that  telnetd is still  "running" (i.e. there  is still
    a  pid  associated  with  telentd)  and  doesn't die until someone
    clicks on "OK" at  the server console.   Only then can telentd  be
    restarted.   This  means  that  you  can't  even  script a restart
    because NT will  pop up an  error message stating  that telnetd is
    already running even though it is really "dead".

SOLUTION

    As  David  LeBlanc  recently  pointed  out,  logging into a server
    initiates a Shell,  and its the  Shell that receives  the Pop-ups.
    So  without  a  Shell,  i.e.  without  logging  on to the box, the
    problem of the hanging pop-up  goes away.  Good security  practice
    dictates that someone is logged on at the console only as long  as
    someone  is  actually  at  the  console,  right?   This  should be
    particularly true of production servers.

    Read the KB article ID: Q128642 for information on how to  disable
    those popups on your servers.  This is particularly revelevant for
    headless servers or physically isolated servers.