06-29-2007
Thank you. Yes, loghost is defined. In fact in my research I read that tcp-wrappers log to auth.warning by default so I put a line in for syslog.conf entry for auth-warning and when I attempted to ssh it logged there instead of using the local3.* entry.
I would like to have the logging specified in hosts.deny take care of it so I don't get alot of other entries.
ALL: ALL: severity LOCAL3.notice
Suggestions?
10 More Discussions You Might Find Interesting
1. IP Networking
Hello,
I have 4 unix (Solaris 8) stations need to setup on network.
what is a easy way and quick to setup TCP/IP so I can bring it online?. Please advise! (3 Replies)
Discussion started by: phapvn
3 Replies
2. Cybersecurity
I have installed TCP wrappers , Good package ...
I have a problem with the hosts_options part ...
I am not able to use the twist command .. It just dosent respond
I have compiled wrappers 7.6 for Solaris 8 with ipv6 support ...
Everything works fine except the twist doesnt work
I have... (1 Reply)
Discussion started by: DPAI
1 Replies
3. Solaris
hi expert,
hi all very need help please advice, i have v890 production server (gateway server) which running on telecommunication application (e.g USSD application) on this few month i have a problem with the connection to application server, for 2 - 3 hours the connection always down and cannot... (0 Replies)
Discussion started by: bucci
0 Replies
4. Solaris
has anyone ever tried using a client list in thier hosts.allow file
Example of hosts.allow) in.ftpd: /etc/ftp.hosts
"ftp.hosts" has my list of IP address that are allow access....
However I cant get this work...Any Comments or Help? (0 Replies)
Discussion started by: dodge_man
0 Replies
5. AIX
With things installed and wrapping ftpd on AIX 5.1 in hosts.deny I have;
ALL: ALL
in hosts.allow;
ftpd: x.x.x.x
ALL: x.x.x.x
I get this on connect via ftp;
421 Service not available, remote server has closed connection
So its working as far as blocking but the hosts.allow seems to be... (1 Reply)
Discussion started by: traken
1 Replies
6. UNIX for Advanced & Expert Users
I'm using vsftpd which is being controlled by inetd.
I have a user that I want to only be able to connect from one specific IP address on the same internal network so I can backup files on a separate system.
Is this possible with TCP wrappers? I got the notion that it was because of a few... (4 Replies)
Discussion started by: mashiox
4 Replies
7. AIX
hi all
just installed the netsec.options.tcpwrapper from expansion pack, which used to be a rpm, for my aix 6.1 test box.
it is so unpredictable. i set up the hosts.deny as suggested for all and allow the sshd for specific ip addresses/hostnames.
the tcpdchk says the hosts allowed and... (0 Replies)
Discussion started by: wf201626
0 Replies
8. AIX
Hi,
I have in my organization varied OS types (AIX,RHEL,Solaris)
My need was to block ftp connections from some addresses on my organization,
but to not disable the protocol.
In the linux servers i did that with the hosts.deny file that used by the vsftpd deamon.
In my AIX servers, i have... (6 Replies)
Discussion started by: moshesa
6 Replies
9. HP-UX
I can connect to the UNIX box using a TCP/IP Telnet session but the UNIX does not respond with the login prompt.
The box responds to a PING and the Telnet session actually connects, but no prompt of any sort is recieved back.
I can connect via the console, get the login prompt and can login. ... (3 Replies)
Discussion started by: Newnix
3 Replies
10. Solaris
I have problem with oracle solaris 10 running on oracle sparc T4-2 server.
Os information: 5.10 Generic_150400-03 sun4v sparc sun4v
Output from tcpstat.d script
TCP bytes: out outRetrans in inDup inUnorder
6833763 7300 98884 0... (2 Replies)
Discussion started by: insatiable1610
2 Replies
LEARN ABOUT LINUX
warn.conf
warn.conf(4) File Formats warn.conf(4)
NAME
warn.conf - Kerberos warning configuration file
SYNOPSIS
/etc/krb5/warn.conf
DESCRIPTION
The warn.conf file contains configuration information specifying how users will be warned by the ktkt_warnd daemon about ticket expiration
on a Kerberos client. Credential expiration warnings are sent, by means of syslog, to auth.notice. All other warning messages are sent to
daemon.notice.
Each Kerberos client host must have a warn.conf file in order for users on that host to get Kerberos warnings from the client. Entries in
the warn.conf file must have the following format:
principal syslog | terminal | mail time [email_address]
principal Specifies the principal name to be warned. The asterisk (*) wildcard can be used to specify groups of principals.
syslog Sends the warnings to the system's syslog. Depending on the /etc/syslog.conf file, syslog entries are written to the
/var/adm/messages file and/or displayed on the terminal.
terminal Sends the warnings to display on the terminal.
mail Sends the warnings as email to the address specified by email_address.
time Specifies how much time before the TGT expires when a warning should be sent. The default time value is seconds, but you
can specify h (hours) and m (minutes) after the number to specify other time values.
email_address Specifies the email address at which to send the warnings. This field must be specified only with the mail field.
EXAMPLES
Example 1: Specifying warnings
The following warn.conf entry
* syslog 5m
specifies that warnings will be sent to the syslog five minutes before the expiration of the TGT for all principals. The form of the mes-
sage is:
jdb@ACME.COM: your kerberos credentials expire in 5 minutes
FILES
/usr/lib/krb5/ktkt_warnd Kerberos warning daemon
SEE ALSO
ktkt_warnd(1M), syslog.conf(4), SEAM(5)
SunOS 5.10 22 Apr 2003 warn.conf(4)