search for: tcpd

...stream tcp nowait root internal #daytime dgram udp wait root internal #chargen stream tcp nowait root internal #chargen dgram udp wait root internal # # These are standard services. # ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd gopher stream tcp nowait root /usr/sbin/tcpd gn # do not uncomment smtp unless you *really* know what you are doing. # smtp is handled by the sendmail daemon now, not smtpd. It does NOT # run from here, i...

Salve, I''m protecting hades with the tcpd wrappers and had no problems so far, at least none that I noticed. Today happend something strange. An attacker got a connect on a protected port from a not allowed IP: > Unusual System Events > =-=-=-=-=-=-=-=-=-=-= BTW, thanks for that tool. > Jul 1 03:34:56 hades in.null[18321]:...

I am interested in opinions regarding the use of xinetd versus the use of tcp wrappers. The two programs have similar functionality, but I find xinetd suits my needs better. The biggest problem is the age of xinetd, and AFAIK it is no longer being kept up. Are there any known security issues with xinetd? Another issue is that xinetd makes use of a non-standard inetd.conf layout, but

I'm having a problem with Samba v2.2.8a under Solaris with tcp wrappers. Here's my current setup: Software: Solaris8 w/current recommended patch cluster gcc v3.2.2 Samba 2.2.8a with the following config directives: --prefix=/server/sw/18 --with-acl-support tcpd v7.6 Inetd.conf lines: netbios-ssn stream tcp nowait root /opt/common/sbin/tcpd /server/sw/prod_samba/sbin/smbd -D netbios-ns dgram udp wait root /opt/common/sbin/tcpd /server/sw/prod_samba/sbin/nmbd -D What's happening is tha Samba will work fine in stand-a...

Ian Jackson: > I recently encountered a bug where some ssh login sessions would > apparently inherit a blocked SIGALRM. A web search showed up two > relevant threads: > http://lists.suse.com/archive/suse-linux-e/2005-Dec/2628.html > http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=113533337923128&w=2 > et seq - but sadly no answers. > > Experimentation with

...0 on Slackware 9.1. No matter what I do, I can't get files transferred to the tftp server. I just get timeouts - no messages in /var/log/messages or in /var/log/syslog - just dealthly silence. This is the configuration line from /etc/inetd.conf tftp dgram udp wait nobody /usr/sbin/tcpd -s /tftpboot /usr/local/tftp/sbin/in.tftpd All the files and directories on the above line exist - and I believe the permissions should be OK: ls -axl / total 1980 drwxrwxrwx 2 nobody daemon 4096 Oct 1 00:28 tftpboot ls -axl /usr/local/tftp/sbin/in.tftpd -rwxr-xr-x 1 root...

...s present on some (though not > all) systems - covering linux, freebsd, openindiana... and neither > complained about `sockdebug` :\ > > What version do you have? Maybe it is some alternate implementation? Looks like 7.4, as amended in NetBSD over the years. Looks like the original. tcpd.h has /* * @(#) tcpd.h 1.5 96/03/19 16:22:24 * * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. */ $ nm -g /usr/lib/libwrap.so|egrep _severity U allow_severity U deny_severity The man page says The allow_severity a...

Hello there, I have been trying to make the patch work for libwrap(TCP Wrappers) posted on http://dovecot.org/patches <http://dovecot.org/patches%20Patch%20of%201.1> Patch of 1.1 but could not get it work. Any help will be highly appreciated. After compiling and running it I get error "Error: login_tcp_wrappers can't be used because Dovecot wasn't built with

...ast night I got three of these log messages: Two in a row, one a bit later. May 8 00:35:15 osg-gw imapd[4307]: warning: can''t get client address: Connectio n reset by peer May 8 00:35:15 osg-gw imapd[4307]: refused connect from unknown Now, I have imapd blocked to non-local users using tcpd wrappers, so tcpd is trying to find the address of the remote machine (all my wrappers are specified using IP addresses rather than domain names). I assume that some call (getpeername?) is failing on the connect, so it rejects the connection. My question, is the attacker learning anything? Are th...

...The entries in dhcpd.conf are the same ( except for the MAC ) They are both in the same network and both try to download the same kernel. The file /tftpboot/andreas/pxelinux.0 exists in.tftp is called from inetd.conf with this parameters tftp dgram udp wait root /usr/sbin/tcpd in.tftpd -v -v -v -p -s /tftpboot Can anyone please help me ? Thanks Andreas

Hello, I try to compile openssh-2.9p1 on a SGI Origin 200 computer under IRIX 6.5 with the option --with-tcp-wrappers enable. I have also compiled tcp-wrapper and have installed the library libwrap.a in /usr/lib and the file tcpd.h in /usr/include. When i run the ./configure script i have a error. The script asked me that the libwrap is missing. How can i resolve this ? Thanks. Bests Regards Fabien Muller

...th ssh, i have the following message : ssh_exchange_identification: Connection closed by remote host. My files hosts.allow and hosts.deny are in /etc and look like this : hosts.allow ALL: LOCAL host1 host2 ect hosts.deny ALL: ALL: /usr/etc/safe_finger -l @%h | /usr/sbin/Mail -s 'INTRUSION tcpd: \ %d-%h' root & This files work for telnet When i erase them i can use ssh. Has someone resolve a similar problem ? Thanks. Fabien Muller

Skipped content of type multipart/alternative-------------- next part -------------- A non-text attachment was scrubbed... Name: Daniel Bennett (NQL).vcf Type: application/octet-stream Size: 383 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20020816/fbcd8db3/DanielBennettNQL.obj

I tried to install samba 3.0.4 and does not work. Every time I did 'PKILL -HUP inetd'' it does not start the samba daemon. I have the three lines on the bottom of the inetd.conf: netbios-ssn stream tcp nowait root /usr/local/sbin/tcpd /usr/local/samba/sbin/smbd smbd netbios-ns dgram udp wait root /usr/local/sbin/tcpd /usr/local/samba/sbin/nmbd nmbd swat stream tcp nowait.400 root /usr/local/sbin/tcpd /usr/local/samba/sbin/swat swat Does the samba 3.0.4 should work with Sol...

I was just thinking how they could be easily supported. This would work, right? : imap stream tcp nowait root /usr/sbin/tcpd /usr/local/libexec/dovecot/imap-login imaps stream tcp nowait root /usr/sbin/tcpd /usr/local/libexec/dovecot/imap-login --ssl imap-login would try to connect to master process using some named socket. If it couldn't, it would create the master process itself. Master process would work as usual...

Hi, I am having problems with Dovecot 1.0.3 and Thunderbird 2.0.0.6 when using a new user account without any mbox files present. Directory /home/$user/.imap_mail/ does not exist when Thunderbird first tries to login using IMAP to the account. On login this directory is created with a zero byte Trash file and .subscriptions containing string "Trash", so far, so good. Now I create a

Hi, 2.0 compiles fine in Solaris but and I've found only one glitch so far. Tcpwapper support needs some tweaks. I need to add CPPFLAGS=/usr/sfw/include because tcpd.h is in there. Then also LDFLAGS='-R/usr/sfw/lib -L/usr/sfw/lib' is needed. It would be nice to have --with-tcpwrap-dir or something. After this linking gives an error Undefined first referenced symbol in file deny_severity /usr/sfw/lib//libwrap.so allow_severity /usr/sfw/lib//libwrap.s...

...> before your server had a chance to respond. > > [mod: I approved Eric''s message because I wanted you all to have a > look at these "logs" and tell me and Eric (and learn for yourselves) > what probably happened. Wietse is confirming my reading of the log: > tcpd is trying to find out who it is talking to, but the remote end > already has abandoned the connection. The "legit" explanation is that I know you said "discussion closed", but I think I have something useful to contribute. Many months ago, someone was DoS attacking one of o...

...might have seemed like a > good idea in the 90s, but in a modern system that sort of alerting should > be integrated into log monitoring (and should be much more comprehensive > than a couple of services linked against wrappers). > Note that you can still do that by starting sshd under tcpd+inetd, something like: ssh stream tcp nowait root /usr/sbin/tcpd /usr/sbin/sshd -i or the equivalent in your inetd-alike. For SSHv2 connections it should be about the same speed (it'll be slower for Protocol 1 connections because each connection will need to generate a new ephemeral host key...

...ser.mindstar.bogus (8.8.8/8.8.8) id VAA21252; Wed, 1 Jul 1998 21:59:07 +0200 Date: Wed, 1 Jul 1998 21:59:07 +0200 (CEST) From: Pluto <pluto@pizzaservice.de> X-Sender: pluto@hellraiser.mindstar.bogus Reply-To: pluto@pizzaservice.de To: Linux Security <linux-security@redhat.com> Subject: tcpd anomaly In-Reply-To: <199807010231.EAA18365@iconnect.de> Message-ID: <Pine.LNX.3.96.980701204911.21000G-100000@hellraiser.mindstar.bogus> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-moderate: yes Salve, I'm protecting hades with the tcpd wrappers and had no...