Displaying 20 results from an estimated 90 matches similar to: "Problem with TCP_wrappers"
1998 Aug 02
0
ipportfw - security
Hi
Are there any known security holes or necessary precautions in using port
forwarding with ipportfw?
I'm planning on forwarding ports from an outer firewall/router (connected
to the Internet) to a host in the DMZ, then on from the DMZ host to the
inner firewall, and finally from the inner firewall to some host on the
inside.
Thanks,
Jens
jph@strengur.is
From mail@mail.redhat.com Wed
2000 Apr 19
2
ssh and chroot...
I have a RedHat 6.0 x86 server which is serving a number of minor things, which I wish to add shell access to.
I'm currently running sshd and am quite happy with it, the exceptiong being that I am unable to make sshd perform a chroot for shell account users.
I have been reading man pages and howto's, many of which discuss sshd or chroot, but never the two together.
Is this not an
2010 Dec 03
1
[PATCH] upsd tcp_wrappers parsing and logging
Parsing bug was discussed here:
<http://lists.alioth.debian.org/pipermail/nut-upsuser/2010-September/006230.html>
Parsing bug summary
-------------------
working /etc/hosts.allow:
upsd 127.0.0.1 [::1] : ALLOW
broken in /etc/hosts.allow:
upsd localhost : ALLOW
It looks like upsd originally intended to match nut username with system
username? This is not the case now. This causes
2010 Jan 18
0
2.2.1 to 2.4.1 migration (allowfrom/tcp_wrappers)
Hello,
I just upgraded my nut 2.2.1 setup to 2.4.1. The "upsdrvctl shutdown"
command now works using a APC Backup-UPS CS350 via USB. Great!
The removed ACL/allowfrom functionality can be replaced by tcp_wrappers.
Unfortunately there isn't much documentation about the migration.
First you have to compile nut with "--with-wrap".
I have a special "nutadmin"
2001 Mar 28
0
Problem with tcp_wrappers
Hello,
I have just found little bug in OpenSSH's tcp_wrappers handling.
In file sshd.c you can find:
if (!hosts_access(&req)) {
close(sock_in);
close(sock_out);
refuse(&req);
}
If username was not requierd for authorization (for example
you are refusing all connection from specific
2004 Oct 31
2
[Bug 948] high CPU in sshd after tcp_wrappers deny
http://bugzilla.mindrot.org/show_bug.cgi?id=948
Summary: high CPU in sshd after tcp_wrappers deny
Product: Portable OpenSSH
Version: 3.9p1
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy:
2005 Feb 19
1
[Bug 948] high CPU in sshd after tcp_wrappers deny
http://bugzilla.mindrot.org/show_bug.cgi?id=948
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
URL| |http://www.aet.tu-
| |cottbus.de/rt2/Ticket/Displa
|
2014 Mar 23
1
[CentOS} Does anyone use tcp_wrappers?
Most certainly YES!!!
Next to iptables tcp_wrappers is a solid seconde line of defense.
The argument that is is no longer developped is rubbish.
The package does what is should do, functionality isexactly what it
should be and it is bug free.
Also it is flexible enough to do other tricks with it like spawning
something depending on the ip address the incoming connection is coming
from.
It is a
2009 Jun 21
1
tcp_wrappers
Hi,
I've just started using Dovecot (v1.1.14), and I'm noticing a lot of dictionary
attacks. I searched through the documentation and the mailing list archives
hoping to find support for tcp_wrappers (hosts.deny) support.
I did find some suggested patches in the list from last year, but as far
as I can tell, there is no support in the released versions.
Is this implemented and
2002 May 03
2
Does OpenSSH have tcp_wrappers *built-in* or just compatibility?
I was under the impression it was just compatibility, and not actually
built-in, but I thought I'd ask here and just make sure of what I'm
saying. :) TIA.
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"It is the part of a good shepherd to shear his flock, not to skin it."
Latin Proverb
-------------- next part
1997 Oct 02
2
SNI-19:BSD lpd vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
##### ## ## ######
## ### ## ##
##### ## # ## ##
## ## ### ##
##### . ## ## . ###### .
Secure Networks Inc.
Security Advisory
2000 Oct 07
2
[PATCH]: Add tcp_wrappers protection to port forwarding
Hi,
attached is a patch by Chris Faylor <cgf at cygnus.com> relative to
2.2.0p1.
Description:
OpenSSH does not allow port gatewaying by default. This means that only
the local host can access forwarded ports. Adding "GatewayPorts yes" to
.ssh/config usually does this job.
Unfortunately, OpenSSH does not recognize the same hosts.allow/
hosts.deny options as ssh.com's sshd
2005 Jan 19
22
[Bug 948] high CPU in sshd after tcp_wrappers deny
http://bugzilla.mindrot.org/show_bug.cgi?id=948
------- Additional Comments From dtucker at zip.com.au 2005-01-19 20:01 -------
Also worth trying: patch #772 in bug #973
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2009 Sep 05
2
[LLVMdev] code analysis bug
In file included from libopts.c:23:
./makeshell.c:138:26: warning: more '%' conversions than data
arguments
"unset OPT_ARG_VAL || :\n%2$s";
This is not correct. The format below uses the first argument twice and the
second argument once. The "clang" analysis does not properly recognize
the "1$" and "2$" modifiers. This is POSIX for a while,
2007 Apr 18
1
[Bridge] Re: hang on PPC
On Sun, 27 Jun 2004 15:43:30 +0700
<arkady-parabel@ngs.ru> wrote:
> Hi.
>
> I'm using a powerpc-based board (CPU - Motorolla 82855, 50
> Mhz) with 32 Mb of RAM, Big Endian.
> Linux kernel - 2.4.22, bridge - statically linked & as a
> module
> brctl - 0.9.6
> Ethernet - fec (arch/ppc/8xx_io/fec.c)
> All this was compiled with gcc version 3.2.2 20030217
1998 Oct 07
1
Re: sshd and PAM [summary]
-----BEGIN PGP SIGNED MESSAGE-----
Hi,
I''ve got several replies, thank you for them. Let me summarize:
o Many people say there is a PAMified version of ssh available at
ftp://ftp.replay.com/pub/crypto/redhat/SRPMS (the source)
ftp://ftp.replay.com/pub/crypto/redhat/i386 (Intel binaries)
(there are analogous paths for the other architectures). The packages
are made by Jan
2005 May 17
0
Building openssh4.0p1 on AIX 5.3 with openssl 0.9.7g and tcp_wrapper
Hi all,
Would appreciate if you can help me resolve this issue. I'm getting
following error on running configure: The library libcrypto.a is under
"/opt/freeware/lib" and is the only instance of libcrypto.a. And I'm using
IBM AIX C compiler 6.0.
configure: error: *** Can't find recent OpenSSL libcrypto (see config.log
for details) ***
CONFIGURE
$ ./configure
2004 Nov 16
8
[Bug 954] configure w/PAM & tcp_wrapper crashes on Irix 6.5
http://bugzilla.mindrot.org/show_bug.cgi?id=954
Summary: configure w/PAM & tcp_wrapper crashes on Irix 6.5
Product: Portable OpenSSH
Version: 3.8.1p1
Platform: MIPS
OS/Version: IRIX
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo: openssh-bugs at mindrot.org
2005 Mar 14
1
Fwd: [Cooker] Re: Configure Xen in Mandrake 10.2 cooker
On Monday 14 March 2005 06:29 pm, Mark Williamson wrote:
> > I don''t know if this is the right place to post, but I can''t find any
> > info about my problem on the net.
>
> Yes, this is the right place.
>
> > title Xen2610
> > kernel /boot/xen.gz dom0_mem=131072 console=vga
> > module /boot/vmlinuz-2.6.10-xen0 root=/dev/hde1 ro console=tty0
2008 Mar 18
14
Proposal for an improved API for Sizer (and ToolBar)
Hi all,
This is a proposal for supporting keyword arguments to Sizer#add
following the thread below :
http://rubyforge.org/pipermail/wxruby-development/2008-March/001244.html
After a deeper look at lib/wx/keyword_ctors.rb and
lib/wx/keyword_defs.rb, I understood the whole thing :-).
I just reused and modified slightly the method args_as_list.
The new Sizer#add_item combines the features of add