Date: Wed, 25 Aug 1999 14:54:06 -0500 From: "Alejandro Ramirez" <ales@megared.net.mx> To: "Christopher Michaels" <ChrisMic@clientlogic.com>, "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG> Subject: RE: tcp wrappers Message-ID: <056001beef33$96f10120$d4630a0a@megared.net.mx> References: <6C37EE640B78D2118D2F00A0C90FCB4401105BEC@site2s1>
next in thread | previous in thread | raw e-mail | index | archive | help
Ok,
Here is the thing, I have erased al the content in the /etc/hosts.allow
file, I couldnt get in to the telmex server at this time, but I have an
account (for testing purposes) in another server hosted by a good friend
called Thomas Mullaney (Thanks Thomas), I have created the /etc/hosts.deny
file, and the following lines are in there:
telnetd: 209.58.142.2
telnetd: .mullaney.org
telnetd: r2d2.mullaney.org
The first line its the IP address for the server of the line #3, and the
second line its self explanatory, and it still doesnt work, first I tried
with the second line, then I started to change it for the other lines, until
I had the three lines in the file, and still doesnt work, what am I missing
here???
BTW It only worked 2 times, then stopped working???
Aug 25 13:17:20 unix inetd[1838]: refused connection from r2d2.mullaney.org,
ser
vice telnet (tcp)
Aug 25 13:17:29 unix inetd[3276]: refused connection from r2d2.mullaney.org,
ser
vice telnet (tcp)
Aug 25 14:08:22 unix login: login from r2d2.mullaney.org on ttyp1 as ???
BTW I havent installed the port, because the release notes says that its
already built in the system.
Thanks
Ales
----- Original Message -----
From: Christopher Michaels <ChrisMic@clientlogic.com>
To: 'Alejandro Ramirez' <ales@megared.net.mx>; FreeBSD Questions
<freebsd-questions@FreeBSD.ORG>
Sent: Wednesday, August 25, 1999 12:27 PM
Subject: RE: tcp wrappers
> For that last time that you logged into the machine. Did you check to see
> if there was anything in /var/log/messages?
>
> Try this (just to satisfy my curiosity). Put the following line in your
> /etc/hosts.deny file.
> telnetd : .telmex.net.mx
>
> Leave /etc/hosts.allow empty (comment out the allow all line).
>
> Let me know if that works.
>
> -Chris
>
>
> > -----Original Message-----
> > From: Alejandro Ramirez [SMTP:ales@megared.net.mx]
> > Sent: Wednesday, August 25, 1999 12:57 PM
> > To: Christopher Michaels; FreeBSD Questions
> > Subject: RE: tcp wrappers
> >
> > Christopher,
> >
> > Thats funny, the log message that I received was at 03:37:05 a.m. of
> > today,
> > the line:
> >
> > telnetd : .telmex.net.mx : deny
> >
> > I added it today at 9:30 am in the morning in order to make more tests
> > because I already saw this message in the /var/log/message file, since
> > yesterday, until today at 9:30, the only lines that where in the
> > /etc/hosts.allow file where:
> >
> > telnetd : .itesm.mx : deny
> > ALL : ALL : allow
> >
> > I also telneted to a server under that domain, and telneted again to my
> > server, then I use the "w" command and see the complete domain name for
> > that
> > server "gda.itesm.mx", but its not rejecting the connection. Do I have
to
> > grab the complete set of adresses they use to block the access???, so
why
> > its not working with the domain name???.
> >
> > Thanks
> >
> > Ales
> >
> > ----- Original Message -----
> > From: Christopher Michaels <ChrisMic@clientlogic.com>
> > To: 'Alejandro Ramirez' <ales@megared.net.mx>; FreeBSD Questions
> > <freebsd-questions@FreeBSD.ORG>
> > Sent: Wednesday, August 25, 1999 11:30 AM
> > Subject: RE: tcp wrappers
> >
> >
> > > Ok. You don't need to sighup inetd. From one of your previous
postings
> > > you're getting the following error:
> > >
> > > Aug 25 03:37:05 unix inetd[82105]: warning: /etc/hosts.allow, line
> > > 13: can't verify hostname: gethostbyname(customer18-197.telmex.net.mx)
> > > failed
> > >
> > > What appears to be happening, is that since the address can't be
> > verified
> > to
> > > be from that domain it is not denying. That error, if you didn't
know,
> > is
> > > saying it cannot resolve "customer18-197.telmex.net.mx". They appear
to
> > > have DNS resolution problems.
> > >
> > > What I would suggest is to see if you can find out the range of ip
> > addresses
> > > they use and try denying that, e.g.
> > >
> > > telnetd : 200.33.146. : deny
> > >
> > > See if that works. Also I do not know if there is a way to deny all
> > > addresses that do not resolve. I will look into that, because I'd
like
> > to
> > > know myself.
> > >
> > > -Chris
> > >
> > > > -----Original Message-----
> > > > From: Alejandro Ramirez [SMTP:ales@megared.net.mx]
> > > > Sent: Wednesday, August 25, 1999 11:23 AM
> > > > To: Christopher Michaels; FreeBSD Questions
> > > > Subject: RE: tcp wrappers
> > > >
> > > > Hi,
> > > >
> > > > This are the only 3 lines that I have uncommented in my
> > > > /etc/hosts.allow
> > > > file:
> > > >
> > > > telnetd : .telmex.net.mx : deny
> > > > telnetd : .itesm.mx : deny
> > > > ALL : ALL : allow
> > > >
> > > > the rest of the file its commented. I have telnet accounts in
servers
> > in
> > > > those domains, and after I put this lines, and SIGHUP inetd, I can
> > still
> > > > log
> > > > in via telnet to my server from this servers.
> > > >
> > > > Thanks in Advance
> > > >
> > > > Ales
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: Christopher Michaels <ChrisMic@clientlogic.com>
> > > > To: 'Alejandro Ramirez' <ales@megared.net.mx>; FreeBSD Questions
> > > > <freebsd-questions@FreeBSD.ORG>
> > > > Sent: Wednesday, August 25, 1999 10:02 AM
> > > > Subject: RE: tcp wrappers
> > > >
> > > >
> > > > > Maybe if you posted what was listed in your hosts.allow file it
> > would
> > > > help
> > > > > us.
> > > > > Also, what aspect of it is NOT working?
> > > > >
> > > > > -Chris
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Alejandro Ramirez [SMTP:ales@megared.net.mx]
> > > > > > Sent: Tuesday, August 24, 1999 7:12 PM
> > > > > > To: FreeBSD Questions
> > > > > > Subject: tcp wrappers
> > > > > >
> > > > > > Hi,
> > > > > >
> > > > > > I know that tcp wrappers are included in 3.2 Release, so I
> > have
> > > > > > modified
> > > > > > the /etc/hosts.allow file, and HUP the inetd daemon, but it
doesnt
> > > > work,
> > > > > > its
> > > > > > there some documentation that could help me, or do you know what
> > am
> > I
> > > > > > missing???
> > > > > >
> > > > > > Thanks in Advance
> > > > > >
> > > > > > Ales
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > > > > with "unsubscribe freebsd-questions" in the body of the message
> > > > >
> > > > >
> > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > > > with "unsubscribe freebsd-questions" in the body of the message
> > > >
> > > >
> > > >
> > > >
> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > > with "unsubscribe freebsd-questions" in the body of the message
> >
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?056001beef33$96f10120$d4630a0a>