From owner-freebsd-questions Mon May 13 3:33: 7 2002 Delivered-To: freebsd-questions@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 321A637B400 for ; Mon, 13 May 2002 03:32:57 -0700 (PDT) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g4DAWL727034; Mon, 13 May 2002 13:32:21 +0300 (EEST) (envelope-from ru) Date: Mon, 13 May 2002 13:32:21 +0300 From: Ruslan Ermilov To: Paul Everlund Cc: freebsd-questions@FreeBSD.ORG Subject: Re: inetd - hosts.allow warnings Message-ID: <20020513103221.GJ64294@sunbay.com> References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="g3RkK9jYN81zD2N+" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.99i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --g3RkK9jYN81zD2N+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, May 13, 2002 at 10:16:32AM +0200, Paul Everlund wrote: > Hi all! >=20 > Did get this message in my log: > > May 12 21:07:12 fw inetd[30064]: warning: /etc/hosts.allow, > line 23: host name/name mismatch: hosting-90.120.rev.fr.colt.net > !=3D everlund.homeip.net >=20 > What do trigger this message? Looking only at the equivalence; > hosting-90.120.rev.fr.colt.net !=3D everlund.homeip.net, that > the "visiting" host is different than my domain, I would get > this message from every "visiting" computer, but I do not. >=20 > Do the message imply a security threat, or nothing bad has > really happened, or bad things can happen out of this? >=20 > Depending of what triggers it, can I change anything in > hosts.allow to stop those hosts that fire up these warnings? >=20 > Thanks in advance for all the help I can get on this matter! >=20 The contents of /etc/hosts causes this: : revision 1.14 : date: 2001/09/29 12:20:08; author: ru; state: Exp; lines: +3 -3 : Backout revision 1.9 that added `myname.my.domain' as another alias for : `localhost'. If your /etc/nsswitch.conf has ``hosts: files dns'', and : you changed `myname.my.domain' in /etc/hosts to match hostname(1), and : you run inetd(8) with the -l option, any connect to `myname' using its : real IP address through inetd(8), e.g. `ftp -a myname', will spam your : /var/log/messages with: :=20 : inetd[PID]: warning: /etc/hosts.allow, line 23: host name/name mismatch: = myname.my.domain !=3D localhost :=20 : This is especially bad for -STABLE, where /etc/host.conf defaults to : "files first then DNS" resolution order. :=20 : Noticed by: Igor Kucherenko : MFC after: 1 week Cheers, --=20 Ruslan Ermilov Sysadmin and DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age --g3RkK9jYN81zD2N+ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE835Y1Ukv4P6juNwoRAqrkAJ0RHoZz218/+x537W9NLdzAekdRIgCfaKyh LZFV8XbEQmgowOXXf1it29A= =/XRu -----END PGP SIGNATURE----- --g3RkK9jYN81zD2N+-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message