From owner-freebsd-questions Wed Aug 25 10:26:42 1999 Delivered-To: freebsd-questions@freebsd.org Received: from ns.clientlogic.com (ns.clientlogic.com [207.51.66.75]) by hub.freebsd.org (Postfix) with ESMTP id 9F5C914C21 for ; Wed, 25 Aug 1999 10:26:34 -0700 (PDT) (envelope-from ChrisMic@clientlogic.com) Received: by site0s1 with Internet Mail Service (5.5.2448.0) id ; Wed, 25 Aug 1999 13:24:42 -0400 Message-ID: <6C37EE640B78D2118D2F00A0C90FCB4401105BEC@site2s1> From: Christopher Michaels To: 'Alejandro Ramirez' , FreeBSD Questions Subject: RE: tcp wrappers Date: Wed, 25 Aug 1999 13:27:18 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG For that last time that you logged into the machine. Did you check to see if there was anything in /var/log/messages? Try this (just to satisfy my curiosity). Put the following line in your /etc/hosts.deny file. telnetd : .telmex.net.mx Leave /etc/hosts.allow empty (comment out the allow all line). Let me know if that works. -Chris > -----Original Message----- > From: Alejandro Ramirez [SMTP:ales@megared.net.mx] > Sent: Wednesday, August 25, 1999 12:57 PM > To: Christopher Michaels; FreeBSD Questions > Subject: RE: tcp wrappers > > Christopher, > > Thats funny, the log message that I received was at 03:37:05 a.m. of > today, > the line: > > telnetd : .telmex.net.mx : deny > > I added it today at 9:30 am in the morning in order to make more tests > because I already saw this message in the /var/log/message file, since > yesterday, until today at 9:30, the only lines that where in the > /etc/hosts.allow file where: > > telnetd : .itesm.mx : deny > ALL : ALL : allow > > I also telneted to a server under that domain, and telneted again to my > server, then I use the "w" command and see the complete domain name for > that > server "gda.itesm.mx", but its not rejecting the connection. Do I have to > grab the complete set of adresses they use to block the access???, so why > its not working with the domain name???. > > Thanks > > Ales > > ----- Original Message ----- > From: Christopher Michaels > To: 'Alejandro Ramirez' ; FreeBSD Questions > > Sent: Wednesday, August 25, 1999 11:30 AM > Subject: RE: tcp wrappers > > > > Ok. You don't need to sighup inetd. From one of your previous postings > > you're getting the following error: > > > > Aug 25 03:37:05 unix inetd[82105]: warning: /etc/hosts.allow, line > > 13: can't verify hostname: gethostbyname(customer18-197.telmex.net.mx) > > failed > > > > What appears to be happening, is that since the address can't be > verified > to > > be from that domain it is not denying. That error, if you didn't know, > is > > saying it cannot resolve "customer18-197.telmex.net.mx". They appear to > > have DNS resolution problems. > > > > What I would suggest is to see if you can find out the range of ip > addresses > > they use and try denying that, e.g. > > > > telnetd : 200.33.146. : deny > > > > See if that works. Also I do not know if there is a way to deny all > > addresses that do not resolve. I will look into that, because I'd like > to > > know myself. > > > > -Chris > > > > > -----Original Message----- > > > From: Alejandro Ramirez [SMTP:ales@megared.net.mx] > > > Sent: Wednesday, August 25, 1999 11:23 AM > > > To: Christopher Michaels; FreeBSD Questions > > > Subject: RE: tcp wrappers > > > > > > Hi, > > > > > > This are the only 3 lines that I have uncommented in my > > > /etc/hosts.allow > > > file: > > > > > > telnetd : .telmex.net.mx : deny > > > telnetd : .itesm.mx : deny > > > ALL : ALL : allow > > > > > > the rest of the file its commented. I have telnet accounts in servers > in > > > those domains, and after I put this lines, and SIGHUP inetd, I can > still > > > log > > > in via telnet to my server from this servers. > > > > > > Thanks in Advance > > > > > > Ales > > > > > > > > > ----- Original Message ----- > > > From: Christopher Michaels > > > To: 'Alejandro Ramirez' ; FreeBSD Questions > > > > > > Sent: Wednesday, August 25, 1999 10:02 AM > > > Subject: RE: tcp wrappers > > > > > > > > > > Maybe if you posted what was listed in your hosts.allow file it > would > > > help > > > > us. > > > > Also, what aspect of it is NOT working? > > > > > > > > -Chris > > > > > > > > > -----Original Message----- > > > > > From: Alejandro Ramirez [SMTP:ales@megared.net.mx] > > > > > Sent: Tuesday, August 24, 1999 7:12 PM > > > > > To: FreeBSD Questions > > > > > Subject: tcp wrappers > > > > > > > > > > Hi, > > > > > > > > > > I know that tcp wrappers are included in 3.2 Release, so I > have > > > > > modified > > > > > the /etc/hosts.allow file, and HUP the inetd daemon, but it doesnt > > > work, > > > > > its > > > > > there some documentation that could help me, or do you know what > am > I > > > > > missing??? > > > > > > > > > > Thanks in Advance > > > > > > > > > > Ales > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message