Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: logging solaris 10 tcp-wrappers
Operating Systems Solaris logging solaris 10 tcp-wrappers Post 302123913 by csgonan on Wednesday 27th of June 2007 05:24:52 PM
Old 06-27-2007
logging solaris 10 tcp-wrappers
I want to log tcp-wrapper events Solaris 10. I researched and saw that I could make a syslog entry in the hosts.deny, which I did below. After restarting syslog and having ssh blocking, I see nothing logging. I also do not get the email that should be generated. The file was taken from a working server.

I did put an auth.warning entry in syslog to the tcpwrapper log file which generated an entry when ssh was rejected, but the email wasn't received.

Any suggestins on why these emails might not be working and how to get sendmail logged? I see in the maillog that it is being blocked. NOTE: The sendmail being blocked is not happening at the same time this email notice of the violation is supposed to go out.

This is one of the lines in maillog

Jun 27 17:16:37 kristina sendmail[992]: [ID 801593 mail.notice] l5RLGbC3000992: tcpwrappers (localhost, 127.0.0.1) rejection

This is my hosts deny (abreviated).

sshd: ALL: spawn (echo "ssh violation from %h on %s using ssh - possible cracker ! Check /var/log/syslog on %s immediately!" | /usr/bin/mailx -r alert -s "tcpd violation from %h on %s - possible cracker!" csgonan) &

ALL: ALL: severity LOCAL3.notice

--------
here is my syslog.conf

# 6/26/07 - CSR added this to test logging tcpwrappers
local3.* ifdef(`LOGHOST', /var/log/tcpwrapperLog, @loghost)

-rw-r--r-- 1 root sys 0 Jun 26 15:57 tcpwrapperLog
Last edited by csgonan; 06-27-2007 at 06:57 PM..
 

10 More Discussions You Might Find Interesting

1. IP Networking

configure TCP/IP for solaris 8

Hello, I have 4 unix (Solaris 8) stations need to setup on network. what is a easy way and quick to setup TCP/IP so I can bring it online?. Please advise! (3 Replies)
Discussion started by: phapvn
3 Replies

2. Cybersecurity

TCP Wrappers

I have installed TCP wrappers , Good package ... I have a problem with the hosts_options part ... I am not able to use the twist command .. It just dosent respond I have compiled wrappers 7.6 for Solaris 8 with ipv6 support ... Everything works fine except the twist doesnt work I have... (1 Reply)
Discussion started by: DPAI
1 Replies

3. Solaris

[help] very need help for solaris TCP

hi expert, hi all very need help please advice, i have v890 production server (gateway server) which running on telecommunication application (e.g USSD application) on this few month i have a problem with the connection to application server, for 2 - 3 hours the connection always down and cannot... (0 Replies)
Discussion started by: bucci
0 Replies

4. Solaris

TCP Wrappers - again

has anyone ever tried using a client list in thier hosts.allow file Example of hosts.allow) in.ftpd: /etc/ftp.hosts "ftp.hosts" has my list of IP address that are allow access.... However I cant get this work...Any Comments or Help? (0 Replies)
Discussion started by: dodge_man
0 Replies

5. AIX

TCP wrappers

With things installed and wrapping ftpd on AIX 5.1 in hosts.deny I have; ALL: ALL in hosts.allow; ftpd: x.x.x.x ALL: x.x.x.x I get this on connect via ftp; 421 Service not available, remote server has closed connection So its working as far as blocking but the hosts.allow seems to be... (1 Reply)
Discussion started by: traken
1 Replies

6. UNIX for Advanced & Expert Users

TCP Wrappers and restricting users

I'm using vsftpd which is being controlled by inetd. I have a user that I want to only be able to connect from one specific IP address on the same internal network so I can backup files on a separate system. Is this possible with TCP wrappers? I got the notion that it was because of a few... (4 Replies)
Discussion started by: mashiox
4 Replies

7. AIX

aix tcp wrappers hosts.allow hosts.deny?

hi all just installed the netsec.options.tcpwrapper from expansion pack, which used to be a rpm, for my aix 6.1 test box. it is so unpredictable. i set up the hosts.deny as suggested for all and allow the sshd for specific ip addresses/hostnames. the tcpdchk says the hosts allowed and... (0 Replies)
Discussion started by: wf201626
0 Replies

8. AIX

TCP Wrappers on AIX 5.3

Hi, I have in my organization varied OS types (AIX,RHEL,Solaris) My need was to block ftp connections from some addresses on my organization, but to not disable the protocol. In the linux servers i did that with the hosts.deny file that used by the vsftpd deamon. In my AIX servers, i have... (6 Replies)
Discussion started by: moshesa
6 Replies

9. HP-UX

Logging into UNIX via TCP/IP Telnet

I can connect to the UNIX box using a TCP/IP Telnet session but the UNIX does not respond with the login prompt. The box responds to a PING and the Telnet session actually connects, but no prompt of any sort is recieved back. I can connect via the console, get the login prompt and can login. ... (3 Replies)
Discussion started by: Newnix
3 Replies

10. Solaris

Too much TCP retransmitted and TCP duplicate on server Oracle Solaris 10

I have problem with oracle solaris 10 running on oracle sparc T4-2 server. Os information: 5.10 Generic_150400-03 sun4v sparc sun4v Output from tcpstat.d script TCP bytes: out outRetrans in inDup inUnorder 6833763 7300 98884 0... (2 Replies)
Discussion started by: insatiable1610
2 Replies

LEARN ABOUT BSD

install-solaris

install-solaris(1M)													       install-solaris(1M)

NAME

       install-solaris - install the Solaris operating system

SYNOPSIS

       install-solaris

       install-solaris	invokes  the  Solaris  Install	program. Depending on graphical capability and available memory at the time of invocation,
       install-solaris invokes either a text-based installer or a graphical installer.

       The following minimum requirements for physical memory dictate which features are available during installation:

       For SPARC machines:

       128 MB

	   Minimum physical memory for all installation types

       128 MB

	   Minimum physical memory required for windowing system

       384 MB

	   Minimum physical memory required for graphical-based installation

       For x86 machines:

       256 MB

	   Minimum physical memory for all installation types

       256 MB

	   Minimum physical memory required for windowing system

       512 MB

	   Minimum physical memory required for graphical-based installation

       In some cases, even if the minimum physical memory is present, available virtual memory after system startup can limit the number  of  fea-
       tures available.

       install-solaris	exists	only  on  the Solaris installation media (CD or DVD) and should be invoked only from there. Refer to the  for more
       details.

       install-solaris allows installation of the operating system onto any standalone system. install-solaris loads the software available on the
       installation media. Refer to the  for disk space requirements.

       Refer to the  for more information on the various menus and selections.

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcdrom  (Solaris instal-  |
       |			     |lation media)		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

       pkginfo(1), install(1M), pkgadd(1M), attributes(5)

       It is advisable to exit install-solaris by means of the exit options in the install-solaris menus.

								    23 Sep 2005 					       install-solaris(1M)
All times are GMT -4. The time now is 08:27 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy