lack o comments

Telnet over UDP?

Bear with me on this one cause I honestly have no idea what I'm talking about ;) A MUD project I'm working on is suffering from the fact that two of the members involved cannot access it while at their dorm due to their school's firewall blocking telnet (IIRC it was inbound telnet that was being blocked). Unfortunately I won't be able to get more details about ports until they return after the holidays but I'm simply going to assume the worst, that all telnet traffic is blocked.

That being said what are our alternatives? I've heard of tunneling through standard web access ports but that seems rather bothersome and likely to get them in trouble. I've been thinking that since they do have access to other online games they should be able to connect through UDP. So is there any kind of TCP/UDP conversion software that would support reliable transfer and work through telnet? I've been googling for a few hours now and all I can find is this and this bit of software. Everything else seems to point me to HTTP proxies and such and I'm not ready to drop some bucks on any random software unless I know it's going to do what I need it to.

It seems entirely possible to me that this would work but since I know very little about telnet I can't really say. In my mind I see a very simple image of a program that captures all data from a given port and translates one protocol to another, doing or discarding or handshaking as required. Of course there would have to be software sitting on both the server and the client for this to work but luckily the server is physically in my house.

Telnet requires an actual connection, that's why it uses TCP. UDP by its very nature is a connectionless protocol. One could essentially create a TCP-like protocol over UDP, but what would be the point? Just use TCP (especially for something like Telnet).

So as far as I know, no.

Quote:
Original post by lack o comments
A MUD project I'm working on is suffering from the fact that two of the members involved cannot access it while at their dorm due to their school's firewall blocking telnet (IIRC it was inbound telnet that was being blocked).

That would imply the blocking is at your end. More likely, you mean outbound telnet at their end.

Quote:
Unfortunately I won't be able to get more details about ports until they return after the holidays but I'm simply going to assume the worst, that all telnet traffic is blocked.

The typical telnet port is 23. However, beyond blocking outgoing connections to that port, it's quite unlikely that any firewall is blocking 'telnet traffic'. Telnet itself is an almost entirely raw protocol and it's pretty much impossible to read the data stream and know it is telnet data. This is doubly true when you consider that most MUDs don't use any of the actual telnet protocol, or at least no more than the odd IAC command here or there.

Quote:
That being said what are our alternatives?

Do what every other MUD did for time eternal: don't run on port 23. Pick a port number above 1024 and try it. If you're really stuck, 8080 is a good one because it is often used as a web port and thus not often blocked.

Actually, the port is well above 1024. Is it possible to block TCP but not UDP? I had read a post somewhere about using 8080 but one reply stated that it might only allow certain specific http requests through. Does that hold any truth? As said, telnet is just a data stream so it shouldn't be hard to disguise it if I had to.

Quote:
Original post by lack o comments
Actually, the port is well above 1024. Is it possible to block TCP but not UDP? I had read a post somewhere about using 8080 but one reply stated that it might only allow certain specific http requests through. Does that hold any truth? As said, telnet is just a data stream so it shouldn't be hard to disguise it if I had to.

Do you mean inbound or outbound? Can they not connect FROM their dorm TO the server, or are they trying to host the server?

If they're trying to host the server, that's just not going to work without the network admin forwarding a port, which is pretty unlikely.

If they're unable to connect with outbound telnet, on a port number above 1024, then I'd guess that their network is filtered so that only HTTP through a proxy is available. You could handle that by writing a mini web server, but it'd probably be far more hassle than it's worth.

And TCP and UDP can usually be filtered separately, but if TCP is filtered, UDP probably is too.

I am hosting and they are connecting. In the past I have hosted Source games that they have had little trouble connecting to so I decided to look into that a bit. I assumed it only used UDP but at least one port requires TCP for connecting to a host. Given that info it seems reasonable that they should be able to connect through that port as long as I keep it clear. I suppose I could have them try a port scan when they get back.

I agree that setting up proxies or protocol translators sounds like it's more trouble than it's worth but the alternative is to have two leads in the project drive thirty or so miles to the nearest wireless hotpoint to connect. Or maybe just wait another two or three years until they are out of school :/

It's quite possible that they block all TCP traffic, and use a HTTP proxy for web surfing. In that case, you'll have to provide a HTTP client for your MUD (which is totally doable, by the way).

If other users, on the regular internet, can get to your server using telnet, then the problem is likely on their end. However, if nobody outside your network can get in, then you haven't set up your own port forwarding correctly.

Ok, let me clarify a bit.

My server is up and running and entirely accessible. I have total control of the server because it is sitting in the basement with me right now staring at me from across the room. I have tested it and all ports needed are forwarded correctly. I can connect to it from any telnet client, on any computer, on any network that does not have the required port blocked.

I also know for a fact that the two team members cannot access this MUD server or any other while they are at school. They are being blocked from those ports by their school firewall. I do know that, from their school, they can connect to an SRCDS server that is hosted on the same machine I am currently glaring back at (the one in my basement). Because SRCDS uses one specific TCP port during connection I can assume that if I host our MUD on that port instead they should be able to connect. When they get back to school I will be testing this and if it does not work I will have them scan for any ports that might be available.

If all else fails I could try some sort of tunneling. As hplus0603 suggested, probably http. As far as TCP over UDP, I asked a friend that worked on something like that for a game and he said they ended up dropping it because it wasn't stable and was taking too much effort to implement. I'm sure as hell no network programming wizard so unless there is pre-existing software to do this I am just going to have to drop it.

I am curious about Jaywalk's SSH comment. I know SSH about as well as I know telnet, which is to say not much. Assuming that all outgoing TCP is blocked (which at this point is probably not true) I am curious as to how sending through SSH will help if it still uses TCP? Or were you just suggesting that for security?

Quote:
Original post by lack o comments

I am curious about Jaywalk's SSH comment. I know SSH about as well as I know telnet, which is to say not much. Assuming that all outgoing TCP is blocked (which at this point is probably not true) I am curious as to how sending through SSH will help if it still uses TCP? Or were you just suggesting that for security?


Telnet protocol tends to be universally blocked these days due to lack of authentication and potentially other issues. SSH has replaced it for that purpose.

But the interesting feature is that SSH allows tunneling (SSH), which can be used for other protocols as well.

It does however require you to authenticate users on the server before they can establish a connection.

On Windows, PuTTY and opensshd can be used for this purpose; *nixes tend to come with ssh and sshd out of the box, while telnet tends to be disabled by default.

That is, if you're really using telnet on port 22. Either way, ssh tends to be preferred option of passing through firewalls.

Quote:

Telnet protocol tends to be universally blocked these days due to lack of authentication and potentially other issues

That is what I was told and it is why I made the comment in my first post about telnet being blocked.

Well, the MUD itself doesn't support SSH. Is there any free or inexpensive software I could put on the server to transfer SSH to the MUD via telnet and vice versa? Or is that too simplistic of an expectation?

Quote:
Original post by lack o comments

Well, the MUD itself doesn't support SSH. Is there any free or inexpensive software I could put on the server to transfer SSH to the MUD via telnet and vice versa? Or is that too simplistic of an expectation?


You don't need to support SSH in your application. Look into what tunneling is and how an ssh client works.

Quote:
Original post by Antheus
Telnet protocol tends to be universally blocked these days due to lack of authentication and potentially other issues.

But the chance of being able to identify an arbitrary TCP stream on an arbitrary port as being 'telnet' or even something-like-telnet is quite small. About all you can go on is that byte 255 in the stream is almost always followed by a byte between 251 and 255, and for a typical MUD application that situation might only arise once or twice in the entire session. That's why I think it's more likely that either (a) they just happened to pick a blocked port, or (b) they have pretty much everything blocked except a selected number of applications running on well-known ports. I agree that setting up an ssh daemon and getting them to attempt to connect to that is indeed a way to start finding out.

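The byte pattern described in the post above, as an added example that is not part of the original thread: a Python scan for IAC negotiation sequences, run over two constructed byte streams to show how little of a MUD session is recognisable as telnet. The function names, the sample streams and the `min_negotiations` threshold are assumptions made for illustration.

```python
# Added illustration; both sample streams are constructed, not captured traffic.
IAC = 255  # telnet "Interpret As Command" byte
NEGOTIATION = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}


def scan_telnet_markers(stream: bytes) -> dict:
    """Count the byte patterns that mark a TCP stream as telnet."""
    negotiations = []  # (offset, verb, option) for each IAC WILL/WONT/DO/DONT
    escaped_ff = 0     # IAC IAC: a literal 0xFF data byte
    other_iac = 0      # IAC followed by anything else, or cut off by stream end
    i = 0
    while i < len(stream):
        if stream[i] != IAC:
            i += 1
            continue
        nxt = stream[i + 1] if i + 1 < len(stream) else None
        if nxt in NEGOTIATION and i + 2 < len(stream):
            negotiations.append((i, NEGOTIATION[nxt], stream[i + 2]))
            i += 3
        elif nxt == IAC:
            escaped_ff += 1
            i += 2
        else:
            other_iac += 1
            i += 2
    marker_bytes = 3 * len(negotiations) + 2 * escaped_ff
    return {
        "negotiations": negotiations,
        "escaped_ff": escaped_ff,
        "other_iac": other_iac,
        "marker_fraction": marker_bytes / len(stream) if stream else 0.0,
    }


def looks_like_telnet(stream: bytes, min_negotiations: int = 3) -> bool:
    """Hypothetical content-filter rule: fire only on several negotiations."""
    return len(scan_telnet_markers(stream)["negotiations"]) >= min_negotiations


# Constructed MUD session: echo is toggled once around the password prompt.
MUD_SESSION = (b"Welcome to the MUD!\r\nName: Password: " + bytes([IAC, 251, 1])
               + b"\r\n" + bytes([IAC, 252, 1])
               + b"You are standing in a field.\r\n" * 20)

# Constructed telnet daemon greeting: a burst of DO requests before the prompt.
TELNETD_LOGIN = bytes([IAC, 253, 24, IAC, 253, 32, IAC, 253, 35,
                       IAC, 253, 39]) + b"login: "
```

On the MUD stream the markers are under 1% of the bytes and the rule does not fire, while the daemon greeting trips it immediately, which is consistent with the block being port-based rather than content-based.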
