On Thu, 25 Mar 1999, Eric Mosley wrote:
> I've got a freshly installed suse 6 machine with all the defaults. Telnet
> and ftp are all handeled by inetd in the usual way by tcpd...
>
> I have ALL: ALL in the hosts.deny and nothing in the hosts.allow, yet
> anybody can ftp onto the machine and telnet onto the machine???
There are two ways to get /etc/hosts.{allow deny} implemented. One is
for the application to call routines in the TCP Wrapper library (libwrap)
and decide whether or not to accept the connection. Some app.s are built
this way and others aren't. On my system, neither in.ftpd nor in.telnetd
is linked with libwrap.
The other way is to run tcpd and have it invoke the actual daemon *if*
the connection should be accepted. That's the way in.ftpd and in.telnetd
are set up here. In /etc/inetd.conf:
ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd -hlS
telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.telnetd
I've never seen the SuSe distribution so I can't give specific advice,
but you might try editing your inetd.conf to make sure that tcpd is used,
and see if that helps. Be sure to comment the old line and copy it
before making changes, so you can at least get back to where you are now.
"man tcpd" and "man 5 hosts_access" should tell you more.
--
Mark H. Wood, radical centrist [EMAIL PROTECTED]
Charlie, put down that Glitter Glue -- it's time to show the audience
some content!
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
