Re: POP3 client behavior re. hosts.deny

From: Bruce Lewis (brlspam_at_yahoo.com)
Date: 09/02/04

• Next message: Ryan Kuykendall: "iptables question: restricting access to port 2500 to Apache Web Server Proxy..."
• Previous message: Tim Haynes: "Re: POP3 client behavior re. hosts.deny"
• In reply to: Tim Haynes: "Re: POP3 client behavior re. hosts.deny"
• Next in thread: Tim Haynes: "Re: POP3 client behavior re. hosts.deny"
• Reply: Tim Haynes: "Re: POP3 client behavior re. hosts.deny"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 02 Sep 2004 14:04:12 -0400

Tim Haynes <usenet-20040902@stirfried.vegetable.org.uk> writes:

> I would've thought any attempt to send application-level data like that
> would be a pretty naff violation of TCP, being as the application should
> have received a TCP RST from the hosts.deny-induced connection-rejection.

Except the connection is not rejected. It's accepted (presumably by
inetd), then closed (presumably by tcpd). I don't think tcpd has any
way to cause the connection to be rejected.

> tcpdump -s 1500 -n -w somefile.log.net port 110
> <do things>
> ^C
> tcpdump -v -r somefile.log.net | less

Ah, cool. Now I can at least check Thunderbird.

> How about using a firewall so there can be *no* connection established at
> all, not even as far as tcpwrappers?

This is a virtual server (User-Mode Linux) on linode.com. I'm pretty
sure the firewall option is unvailable to me.

> You could also try to bind teapop
> to localhost only, as well, that would be rather effective too.

Hmm...that really looks like the cleanest solution. Maybe it's time to
switch to xinetd. I don't see any option for inetd to bind to a
specified address, nor in the teapop docs for its standalone mode.

---

• Next message: Ryan Kuykendall: "iptables question: restricting access to port 2500 to Apache Web Server Proxy..."
• Previous message: Tim Haynes: "Re: POP3 client behavior re. hosts.deny"
• In reply to: Tim Haynes: "Re: POP3 client behavior re. hosts.deny"
• Next in thread: Tim Haynes: "Re: POP3 client behavior re. hosts.deny"
• Reply: Tim Haynes: "Re: POP3 client behavior re. hosts.deny"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: TCP wrappers - starting tcpd ? ... start tcpd - assuming that is that tcpd should be running (only my ... port/service managed by inetd. ... inetd then will pass the connection ... "One dreaming alone, it will be only a dream; ... (Ubuntu) Re: TCP wrappers - starting tcpd ? ... start tcpd - assuming that is that tcpd should be running (only my ... port/service managed by inetd. ... inetd then will pass the connection ... "One dreaming alone, it will be only a dream; ... (Ubuntu) Daemons On Request Only - Help ... I can't find in manuals for tcpd and inetd how to automatically shut ... For instance I'd like to run an auth daemon oidentd, _only_ when inetd ... connection attempt inetd will consult a tcpd which fires up a daemon, ... (comp.os.linux.security) Root .profile $PS prompts showing for all telnet connections from all users ? ... Following wrong method when restarting inetd (seems ... The server I am working on is a V880 with Solaris 8 and recent patching. ... My main problem is when -ANY- user logs-in to my Solaris 8 server over telnet, ... I do not see this problem using any other remote connection utility like ... (SunManagers) Re: Identify what is using a port ... It makes perfect sense if you look at the expected number of connection ... then the inetd superserver is the right solution. ... can do all sorts of funky stuff with balancing multiple requests over ... consent and may be a violation of international copyright law. ... (comp.unix.bsd.freebsd.misc)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.os.linux.security  > 2004-09