User's Manual

Solaris 9 Security CX-310-301 73
rm -f nul.c
( ./nul ; cat prototype ) > in.rlogind
chmod 644 in.rlogind
- This creates banner files for in.ftpd, in.telnetd and in.rlogind.
- Now when an unauthorized host tries to connect, the banner message will be displayed and the connection refused.
Logging
TCP Wrappers writes its log messages through syslog.
Accepted connections are logged at the auth.info level and refused connections at the auth.warning level. If you want these messages written to a separate log file, reconfigure syslog by editing /etc/syslog.conf. An example of each kind of message is shown below:
Apr 10 13:23:03 ultra10 in.telnetd[600]: [ID 947420 mail.warning] refused connect from ultra1.mobileventures.homeip.net
Apr 10 13:28:07 ultra10 in.telnetd[603]: [ID 927837 mail.info] connect from ultra2.mobileventures.homeip.net
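Because refused connects and accepted connects differ only in the wording of the syslog message, the log is easy to mine for a quick picture of who is being turned away and on which service. The script below is an added example, not part of the study guide or of the TCP Wrappers distribution: it takes TCP Wrappers messages as text and summarizes them. The sample log is constructed here from the two messages above plus two made-up refused connects (the host 10.0.0.99 and the in.ftpd and in.rlogind entries are invented for illustration).

```shell
#!/bin/sh
# Added example: summarize TCP Wrappers syslog messages.
# Sample input is constructed; it reuses the guide's two messages and adds
# two invented refused connects (in.ftpd, in.rlogind, host 10.0.0.99).
TCPD_SAMPLE_LOG='Apr 10 13:23:03 ultra10 in.telnetd[600]: [ID 947420 mail.warning] refused connect from ultra1.mobileventures.homeip.net
Apr 10 13:28:07 ultra10 in.telnetd[603]: [ID 927837 mail.info] connect from ultra2.mobileventures.homeip.net
Apr 10 13:31:45 ultra10 in.ftpd[611]: [ID 947420 mail.warning] refused connect from ultra1.mobileventures.homeip.net
Apr 10 13:40:12 ultra10 in.rlogind[620]: [ID 947420 mail.warning] refused connect from 10.0.0.99'

# count_refused LOGTEXT -> number of "refused connect from" messages
count_refused() {
    printf '%s\n' "$1" | grep -c 'refused connect from'
}

# count_accepted LOGTEXT -> number of plain "connect from" messages
# (the refused ones are filtered out first so they are not double counted)
count_accepted() {
    printf '%s\n' "$1" | grep -v 'refused connect' | grep -c '\]: .*connect from'
}

# refused_by_host LOGTEXT -> "count host" lines, most-refused host first.
# The client host is always the last field of a tcpd message.
refused_by_host() {
    printf '%s\n' "$1" | awk '/refused connect from/ { n[$NF]++ }
        END { for (h in n) printf "%d %s\n", n[h], h }' | sort -rn
}

# refused_by_service LOGTEXT -> "count service" lines, most-refused first.
# Field 5 is "in.telnetd[600]:"; everything before "[" is the daemon name.
refused_by_service() {
    printf '%s\n' "$1" | awk '/refused connect from/ {
            split($5, parts, "["); n[parts[1]]++ }
        END { for (s in n) printf "%d %s\n", n[s], s }' | sort -rn
}

# Stand-alone run: report on the constructed sample.
echo "refused: $(count_refused "$TCPD_SAMPLE_LOG")  accepted: $(count_accepted "$TCPD_SAMPLE_LOG")"
echo "refused connects by client host:"
refused_by_host "$TCPD_SAMPLE_LOG"
echo "refused connects by service:"
refused_by_service "$TCPD_SAMPLE_LOG"
```

On a live system, replace the constructed variable with the contents of whichever file your /etc/syslog.conf routes the TCP Wrappers messages to, for example by calling `refused_by_host "$(cat /var/log/tcpd.log)"` after adding an entry for that path (the path is an assumed example; separate the selector and the file name with a TAB, as syslog.conf requires). A host that appears repeatedly in the refused list is the first thing to look at when reviewing the log.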
Validating TCP Wrappers
Use the tcpdchk command to check the configuration of TCP Wrappers.
# /usr/local/bin/tcpdchk -av
Using network configuration file: /etc/inet/inetd.conf
>>> Rule /etc/hosts.allow line 1:
daemons: in.telnetd
clients: 192.168.123.1
warning: /etc/hosts.allow, line 1: implicit "allow" at end of rule
access: granted
>>> Rule /etc/hosts.deny line 1:
daemons: ALL
clients: ALL
option: banners /etc/tcpd.deny
access: denied
You can also check whether an individual host is permitted to connect using a specific service. For example, to check whether host ultra1 can use telnet to reach your system, run:
# /usr/local/bin/tcpdmatch in.telnetd ultra1