扫一扫
分享文章到微信
扫一扫
关注官方公众号
至顶头条
作者:论坛整理 来源:ZDNet网络安全 2007年12月25日
关键字: telnet命令 opentelnet linux telnet telnet入侵 telnet telnet端口
The problem of links containing system output intermixed with user input is more difficult. In any implementation it seems the LAAT user will have to be aware of what is happening and manually control his terminal to some extent, but that is reasonable when dealing with an "alien" system. More definition work is called for in this area, to solve the efficiency problem for LAAT hosts.
"A PROPOSAL"
The proposal appears on the surface to be that "suppress GA" should be the NVT default, which would be perfectly acceptable to me (and I would suppose to other LAAT users): two additional messages upon opening a connection is a small enough price.
But in fact that is not the proposal at all -- the proposal is really to remove the requirement that all server systems implement the GA.
This I object to very strenuously since, as I feel I have shown, the benefit to the LAAT system and user of GA far outweigh its cost to other types of server systems. And of course the expense of going into "suppress GA" mode when appropriate is truly negligible.
The proposal for having those user TELNET's which do not support reverse break retain permanent control over terminals is also weak, even without GA. In our current implementation the assumption is that for each line entered by the user, the server system will respeed with something. Control of the terminal is thus retained after input until some output is received and printed, when the terminal is again made available for input. The "attention" key is defined as a toggle switch to control the terminal keyboard: if pressed while the keyboard is unlocked (open for input) it will lock it until the next available output message and if pressed while keyboard is locked it will be unlocked for input. The user may also enter a true unlocked mode, in which the terminal is always returned to him for additional input (after printing all queued output). This is used, for example, for input to a text editor which does not issue prompts for each line, the mode may be changed at any time by the user, and the "attention" key may of course be used to retrieve expected but infrequent output. This combination mode has proven much more effective than the proposed "user must press attention for all input" mode.
Of course the addition of GA will allow the user process to wait for a "complete" reply before printing anything, which will eliminate much of the use of "attention", as well as improve system efficiency.
A GRIPE OF MY OWN
I would like to add one complaint of my own at this point. The implementation schedule for the new TELNET called for a date of July 1 when systems should accept new TELNET without causing errors.
This date was presumably agreed to by responsible representatives of effectively all active network sites. My system has been using the new TELNET since early September (significantly after the allowable date) but I have been forced to disable all server-generated GA's because (among other problems) TENEX "SNDMSG" does not work when GA's are received over the FTPTELNET control connection. Disabling the GA's was of course required in order for me to receive any deliveries from the Network Information Center. This brings up three points.
First, I sincerely hope that service functions like the NIC intend to accept the new TELNET protocol by the January 1 implementation date. Second, in response to RFC#593 by Alex McKenzie and Jon Postel, I do not feel that attempting to use a second TCP socket for "new TELNET" will work, because of the use of TELNET by FTP. In fact, it does not seem too difficult to make a "compatible" TELNET which will accept either mode (which sites have had since July 1 to do) and I feel that this is the most reasonable implementation method, even if it makes the January 1 date impractical. And third, perhaps sites should be more cautious about commitments to implementation schedules in the future.
[ This RFCwas put into machine readable form for entry ]
[ into the online RFCarchives by Mirsad Todorovac 5/98 ]
如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。