Displaying 20 results from an estimated 2000 matches similar to: "TCPWrappers + Sendmail = not working"
2007 Sep 25
1
Samba and TCPWrappers
Good Morning,
I have a Centos 4.5 (x86_64) server running samba to share data with
windows users. We've been going through a security audit and the
following log entries were noted:
[2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)
get_alias_user_groups: gid of user bendew doesn't exist. Check your /etc/passwd and /etc/group files
[2007/09/24 09:37:29, 1]
2004 Oct 29
2
Logging and libwrap
Hi,
A few things regarding logging and libwrap..
a) PAM_RHOST patch
Back in July, dean gaudet helpfully posted a patch to dovecot PAM_RHOST the
remote IP. Is this going to be included in the main dovecot tree? It
seems like a worthwhile addition. The more informative and concise the
logging the better.
See http://www.dovecot.org/list/dovecot/2004-July/004011.html for the original
message.
2014 Apr 23
3
hackers celebrate this day: openssh drops security! was: Re: heads up: tcpwrappers support going away
On 23 April 2014 21:43, mancha <mancha1 at zoho.com> wrote:
> On Wed, Apr 23, 2014 at 12:26:58PM -0700, Iain Morgan wrote:
>> A slightly better solution would be a PAM module that uses the same
>> syntax as libwrap. Possibly someone has already written such a module.
>
> Possibly, but only for platforms which use for PAM.
Pam is executed so late in the chain that any
2014 Apr 22
2
heads up: tcpwrappers support going away
Hi,
This is an early warning: OpenSSH will drop tcpwrappers in the next
release. sshd_config has supported the Match keyword for a long time
and it is possible to express more useful conditions (e.g. matching
by user and address) than tcpwrappers allowed.
Removing it reduces the amount of code in the 'hot' pre-authentication
path in sshd and rids us of a dependency.
-d
2014 Apr 23
1
VETO! Re: heads up: tcpwrappers support going away
On Tue, Apr 22, 2014 at 9:33 AM, Damien Miller <djm at mindrot.org> wrote:
> Hi,
>
> This is an early warning: OpenSSH will drop tcpwrappers in the next
> release. sshd_config has supported the Match keyword for a long time
> and it is possible to express more useful conditions (e.g. matching
> by user and address) than tcpwrappers allowed.
>
> Removing it reduces the
2011 Feb 09
4
Domain blacklisting
Hello,
I run dovecot-2/Maildir/LDAP user/passdb and would like to be able to deny
acess to users who connect from certain domains/IP (google.com for instance
since in that case they gave their credentials to a third party).
My understanding is that I cannot use some negative form of "allow_nets". The
only mechanism I can think of is tcp_wrappers. However, dovecot documentation
mention
2005 Jan 17
19
[Bug 973] sshd behaves differently while doing syslog entries for tcpwrappers denied message, with -r and without -r option.
http://bugzilla.mindrot.org/show_bug.cgi?id=973
Summary: sshd behaves differently while doing syslog entries for
tcpwrappers denied message, with -r and without -r
option.
Product: Portable OpenSSH
Version: 3.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
2023 Nov 09
2
2.8.1 build buglet: sockdebug.c
I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix).
(FWIW, I think a 2.8.1.1 or 2.8.2 immediately with the fix is in order.
>From a packaging viewpoint, the effort to update for a release is about
3 minutes plus time to adapt anythhing that has changed. So I'd much
rather have releases more often.)
In the pkgsrc build, nut finds tcp wrappers because they are part of the
base system.
2012 Jan 19
1
LMTP ignoring tcpwrappers
Hello,
we want to use dovecot LMTP for efficient mail delivery from our MX
servers (running postfix 2.8) to our storage servers (dovecot 2.0.17).
However, the one problem we see is the lack of access control when using
LMTP. It apears that every client in our network who has access to the
storage machines can drop a message in a Maildir of any user on that
storage server. To prevent this
1998 Dec 15
1
portmap & tcpwrappers
I don't know if this is RedHat 5.1 specific, but be aware that the version
of portmap distributed is the enhanced (Wietse Venema) version. That's
great, except for two things. The first is documented, but easy to overlook:
"In order to avoid deadlocks, the portmap program does not attempt to look
up the remote host name or user name...The upshot of all this is that only
network
2004 Jul 26
2
IAX2 to IAX2...i'm obviously an idiot!!
Hi All
I'm trying to get two Asterisk servers to talk to each other using IAX(2).
I've read the WiKi and the docs and tried the examples.....
I can't get it to work (I have 2 x 7960's registering on one server and 1 x 7960 registering on the other).
I've set them up as follows...
The two servers are set up as friends and have consecutive IP address's.
The setup is
2003 Sep 17
2
problem with configure in openssh-3.7p1
Problem: setting --with-tcpwrappers does not configure code to be compiled
with wrapper support
Solution: references to with_tcp_wrappers (lines 4975, 6396, 6397) need to
be changed to with_tcpwrappers
David Purks
Sr Sys Admin
Cogent Communications
2023 Nov 09
1
2.8.1 build buglet: sockdebug.c
Thanks, I think it would not hurt to add the variables into the source if
that helps?
A bit puzzled why it wants TCP wrappers though, the program is primarily
about the Unix socket access.
It can be used by end-users or more likely by developers for
troubleshooting; potentially for some automations that act like a NUT
driver. Not intended as a prime-time mechanism, but could have its uses...
As
2013 Jul 03
1
tcpwrappers
hi everybody
having I believe sort of plain-vanilla config with section
in 10-tcpwrapper.conf
as per docs
login_access_sockets = tcpwrap
service tcpwrap {
unix_listener login/tcpwrap {
group = $default_login_user
mode = 0600
user = $default_login_user
}
}
/etc/hosts.deny contains:
ALL: given_host
and yet dovecot logins IMAP client in
whereas other tcpwrapper aware
2001 Feb 27
4
AllowHosts / DenyHosts
I'd like to see a feature of the commercial ssh in openssh:
AllowHosts xxx.yyy.xxx.yyy *.domain.net
DenyHosts xxx.yyy.xxx.* name.domain.net
This allows or denies connects from certain machines (including wildcard
matching).
Is there any chance for this feature to be included? No, we don't want to
use tcp-wrapper for this.
Bye.
2014 Jun 28
1
tftp-hpa 5.2
Hello everyone,
I am having difficulties in setting up a tftp server on a Fedora 3.14.8-200.fc20.x86_64.
Running tftp client to test the server functionality, a simple get from the terminal prompts 'Transfer timed out.' back.
The version is tftp-hpa 5.2, with remap, with tcpwrappers, unfortunately I am not able to find any log in the system journal.?
The server and related services appear
2023 Nov 09
1
2.8.1 build buglet: sockdebug.c
By the way, on the NUT CI farm the libwrap is present on some (though not
all) systems - covering linux, freebsd, openindiana... and neither
complained about `sockdebug` :\
What version do you have? Maybe it is some alternate implementation?
Jim
On Thu, Nov 9, 2023 at 3:44?PM Greg Troxel <gdt at lexort.com> wrote:
> I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix).
>
>
1999 Nov 22
1
tcp-wrappers not being used even w/ --with-tcp-wrappers
Howdy,
It seems that even when specifying the --with-tcp-wrappers configure
flag, the LIBWRAP define in config.h never gets #define'd and -lwrap
never gets added to LIBS in the Makefile. To make sure I wasn't
dealing with a stale configure file, I ran autoconf on configure.in
to roll a new configure. I also don't see anything wrong with the
--with-tcp-wrappers defined in
2011 Jul 27
1
dovecot and tcpwrappers
Hi,
I used dovecot 1.x for quite a while and it worked fine. However, I used it
through inetd and used hosts.allow/deny to restrict access to only certain
groups of systems.
Since yesterday I have dovecot 2.0.13. But in version 2.0.13 it seems that
starting using inetd doesn't work anymore : I only get a strange error
message if I try to connect using telnet :
telnet localhost imap
2023 Oct 31
5
NUT v2.8.1 is released
...it was almost midnight, Cinderella became a pumpkin, and NUT was
released!..
Trick or treat?!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/nut-upsdev/attachments/20231031/f3590340/attachment.htm>