Date: Tue, 4 Sep 2001 00:14:04 +0200 From: Dimitry Andric <dim@xs4all.nl> To: "Conrado Vardanega" <cvspam@ig.com.br> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: Access disallowed through ssh Message-ID: <1919073155.20010904001404@xs4all.nl> In-Reply-To: <NDBBLGPICDCECKDGFCGFGECKCKAA.cvspam@ig.com.br> References: <NDBBLGPICDCECKDGFCGFGECKCKAA.cvspam@ig.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2001-09-03 at 23:03:20 Conrado Vardanega wrote: CV> "Received disconnect from 200.193.xx.xx: 2: Sorry, you are not allowed to CV> connect." - --snip-- CV> This began sometime with no apparent changes to the system. The hosts.allow CV> is default, which already allowed me access it in the past. Check your (reverse) DNS lookups and/or server. If the address you are connecting from doesn't resolve properly, you'll be denied, due to the following lines in the default hosts.allow: # Protect against simple DNS spoofing attacks by checking that the # forward and reverse records for the remote host match. If a mismatch # occurs, access is denied, and any positive ident response within # 20 seconds is logged. No protection is afforded against DNS poisoning, # IP spoofing or more complicated attacks. Hosts with no reverse DNS # pass this rule. ALL : PARANOID : RFC931 20 : deny I've had my DNS server drop out on me more than once, and each time I get exactly those problems you mention with tcpwrappers. :) Cheers, - -- Dimitry Andric <dim@xs4all.nl> PGP Key: http://www.xs4all.nl/~dim/dim.asc Fingerprint: 7AB462D2CE35FC6D42394FCDB05EA30A2E2096A3 -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i Comment: http://www.gn.apc.org/duncan/stoa_cover.htm iQA/AwUBO5PyprBeowouIJajEQKDLACeI549TkbHY/arJHlSbLXO7DcDIE4An1We DX2VBhQi3w4AVhVdnE02R3dD =0FXG -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1919073155.20010904001404>