Re: tcp wrappers problem

From: Casper H.S. Dik (Casper.Dik_at_Sun.COM)
Date: 08/27/03

• Next message: Security Alert: "SSRT3617 Potential security vulnerability in OpenView DCE"
• Previous message: roy gordon: "tcp wrappers problem"
• In reply to: roy gordon: "tcp wrappers problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 27 Aug 2003 08:44:52 GMT

royg@semantic.com (roy gordon) writes:

>We're using the tcp_wrappers_7.6-ipv6 source, and made the appropriate
>Makefile changes. (I'll include the Make line, below.)

>However, I cannot get username@host to work, nor does hosts.allow seem
>to work properly.

You need to run some version of identd on your systems to make that work.

>We've kept the daemons in their original place and have modified the
>inetd.conf file. tcpdchk reports no problems.

>In the test setup there are two remote machines: simba and maya (this
>is on an internal network, so there's nothing further).

>Here's what hosts.allow is:

> ALL: simba: ALLOW
> ALL: ALL: DENY

This syntax requires the -DPROCESS_OPTIONS compile time option.

>There is no hosts.deny.

>What happens here is that I can log in from both simba and maya,
>although it seems that maya should be prohibited.

Seems like a symptom of not compiling w/ -DPROCESS_OPTIONS

Casper

-- 
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.

• Next message: Security Alert: "SSRT3617 Potential security vulnerability in OpenView DCE"
• Previous message: roy gordon: "tcp wrappers problem"
• In reply to: roy gordon: "tcp wrappers problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint