Questions tagged [tcp-wrappers]
15 questions
7
votes
4 answers
Telnet connection had been closed by a foreign host
The client PC IP: 10.49.46.5/24 and the server PC IP: 10.49.46.2/24 are two computers linked to the same network.
When I try to create an interactive communication between these two computers using the command telnet, I get the…
Yuri
- 71
- 1
- 1
- 3
4
votes
2 answers
TCP wrapper "except" option
I configured the /etc/hosts.allow at the machine 192.168.122.50 with the following option.
sshd : ALL EXCEPT 192.168.122.1
and tried ssh [email protected] from the machine 192.168.122.1 and I was
able to connect to the machine 192.168.122.50 as…
sjsam
- 1,576
- 2
- 13
- 22
4
votes
1 answer
hosts.allow: %u not working (log username)
I need to keep track of all SSH connections on my server. In my /etc/hosts.allow I have something like this:
sshd: ALL : spawn ( echo "`date` from %u %a " >> /var/log/ssh/%d.log ) &
where %a logs the client IP, and %u is supposed to log the…
Martin Vegter
- 69
- 66
- 195
- 326
4
votes
1 answer
Which takes precedence: /etc/hosts.allow or firewalld?
On a RHEL 7 server, /etc/hosts.allow has a number of IP addresses with full access. The firewall (confirmed with firewall-cmd), there are no specific sources defined, and the default zone allows certain ports and services.
Which takes precedence? …
Jon Pennycook
- 43
- 4
3
votes
2 answers
Editing my /etc/hosts.deny
I'm being trolled by China, and don't know why I can't block their request to my server.
//host.deny
ALL: item.taobao.com
ALL: 117.25.128.*
But when I watch the error log on my webserver tail -f /var/log/apache2/error.log the requests are still…
Jordan Davis
- 141
- 1
- 6
2
votes
2 answers
How to ban all connections to .se and .ru in the hosts.deny file
I am trying to figure out, whether or not it's possible to make sure, that if a user uses a browser and types in a domain name that ends on either "se" or "ru", they will be denied access to that site.
PS: this is a school assignment, and my teacher…
Brad Bit
- 23
- 3
2
votes
1 answer
What is blocking: Firewall and tcpwrapper?
Is it possible to find whether the firewall (iptables) or tcpwrapper is blocking a connection without accessing the remote server? (Maybe with tcpdump?)
prado
- 920
- 1
- 11
- 33
1
vote
1 answer
Is there a tool to check /etc/hosts.{allow,deny} syntax?
I am looking for a command line tool that checks tcp_wrapper configuration file syntax to make sure daemon names are set right and things like that, check for spelling or syntax errors etc.
Timothy Pulliam
- 3,549
- 3
- 21
- 42
1
vote
1 answer
TCL: TCP Wrapper (tcp_wrappers.tcz) installed but /usr/local/bin/tcpd file is not there
I'm learning host based firewall by installing tcp_wrappers.tcz on Tiny Core Linux (TCL).
Initially, the following files were not there which was expected.
/etc/hosts.allow
/etc/hosts.deny
BEFORE
tc@linux:/etc$ date; ls -lh /etc/host*
Thu May 3…
user264359
1
vote
2 answers
Is there a good reason to use both iptables and tcp_wrappers?
I've taken over administering some machines with no context about their configuration.
Some are using iptables. Some are using tcp_wrappers (ie. /etc/hosts.allow). Some are using both. They're all inconsistently configured.
In many cases iptables…
Schwern
- 111
- 3
1
vote
2 answers
Which one will block first? tcp-wrapper or Iptables?
If a service (or port) is blocked in both TCPwrapper and Iptables, which will block the request first and why?
prado
- 920
- 1
- 11
- 33
1
vote
1 answer
SSH slow after configuring TCP Wrappers
We have SSH open on one of our production servers leaving it prone to various brute force attacks to break in. I reduced the attempts by changing the default port from 22.
I want to further harden security by allowing ssh login from a particular…
Zama Ques
- 3,186
- 12
- 39
- 54
0
votes
1 answer
How can I deny all IPv6 ssh connection
I want to disable all ssh connection from both IPv4 and IPv6 except certain IPs.
I can set /etc/hosts.deny to deny all IPv4 ssh connection:
sshd: ALL
How to apply to IPv6?
I tried below, and fail:
sshd: [*]
and
sshd: [ALL]
My sshd server version:…
Yu-Ting Chen
- 51
- 6
0
votes
1 answer
Sendmail 8.14.4 on CentOS 6.8 tcpwrappers problem
I am running a sendmail server on CentOS 6.8. For MTA connections on port25 I want to use tcpwrappers to reject host with no PTR DNS record.
so my hosts.allow looks like :
sendmail: ALL EXCEPT UNKNOWN
My problem is the mail submission port on 587…
Chris Patch
- 3
- 1
-1
votes
1 answer
Solaris 10: how to run correct tcp wrappers?
I want to deny ftp access on solaris10
For experiment i use only one host
Tcp wrapper is enabled
inetadm -l ftp | grep tcp_wrappers
default tcp_wrappers=TRUE
/etc/hosts.deny
ftpd: 192.168.0.2
in.ftpd: 192.168.0.2
But when i try to log in with ftp…
elbarna
- 12,050
- 22
- 92
- 170