Re: [Sheflug] TCP wrappers

On Fri, 30 Mar 2001, Chris J/#6 wrote:
> It's saying connections to ALL services from ALL hosts are DENY'd. But
> when a connection comes in, it runs a trap-door program, safe_finger,
> that attempts to get a user-list from the remote host and mail it to
> root. These days, it's not an effective method as most sites block
> finger, but in ye olde days you could get the user list and email it to
> the admin of the server saying "one of these users is trying to get into
> my box".

Ah, I thought it looked a little bit strange. Not sure I like the idea of
firing up finger every time I get port scanned.
I'd rather have it silently logged. Time to read hosts_access(5) I
suppose.

> Put any entries you want in hosts.allow /before/ the ALL: ALL: DENY rule
> else your rule will never be reached.

I figured that out. After about an hour of head scratching why exim gave
me 554 service unavailable.

> If you want an example of a working hosts.allow (ie, the one sitting on
> my box) let me know. It's got a few nice things: use of PARANOID, setting
> environment variables, rfc in every rule etc...

Go on then, let's have a peek. :)

---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.
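
The rule-ordering point discussed above (entries placed after the ALL: ALL: DENY rule are never reached) can be checked mechanically. The following is an added example, not code from the thread or from the TCP wrappers package: the function names and the sample file are constructed for illustration, and the parser assumes plain hosts_access(5)/hosts_options(5) syntax without bracketed IPv6 addresses.

```python
import re

# Constructed sample hosts.allow: the exim rule sits after the catch-all deny,
# so tcpd stops at line 3 and never evaluates line 4.
SAMPLE = """\
# constructed example, not from the thread
sshd: 192.168.1.0/255.255.255.0
ALL: ALL: DENY
exim: ALL
"""

def parse_rules(text):
    """Yield (line_no, daemons, clients, options) for each rule in the file."""
    logical, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        if start is None:
            start = no                      # first physical line of this rule
        if raw.endswith("\\"):              # backslash-newline continues a rule
            logical += raw[:-1]
            continue
        line, logical = (logical + raw).strip(), ""
        first, start = start, None
        if not line or line.startswith("#"):
            continue
        # Fields are ':'-separated; '\:' is an escaped colon inside a field.
        fields = [f.strip() for f in re.split(r"(?<!\\):", line)]
        if len(fields) >= 2:
            yield (first, re.split(r"[\s,]+", fields[0]),
                   re.split(r"[\s,]+", fields[1]), fields[2:])

def shadowed_rules(text):
    """Return (rule_line, catch_all_line) for rules that can never match.

    Access control stops at the first matching rule, so anything listed
    after a bare 'ALL: ALL' rule (no EXCEPT) is unreachable.
    """
    catch_all, hits = None, []
    for no, daemons, clients, _opts in parse_rules(text):
        if catch_all is not None:
            hits.append((no, catch_all))
        elif daemons == ["ALL"] and clients == ["ALL"]:
            catch_all = no
    return hits

if __name__ == "__main__":
    for rule, blocker in shadowed_rules(SAMPLE):
        print(f"line {rule} is unreachable: line {blocker} matches everything")
```
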