[2107] in linux-security and linux-alert archive


[linux-security] Re: portmap vulnerability?

daemon@ATHENA.MIT.EDU (Tony Nugent)
Thu Dec 10 07:55:16 1998

To: linux-security@redhat.com
Cc: Kevin Vajk <kvajk@ricochet.net>
In-Reply-To: message-id <Pine.LNX.3.96.981209075056.16019A-100000@darkstar.localdomain> 
  of Wed, Dec 09 07:55:10 1998
Date: Thu, 10 Dec 1998 19:13:09 +1000
From: Tony Nugent <Tony.Nugent@usq.edu.au>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com

[mod: Some junk removed. -- REW]

tcp_wrappers itself is very secure... nigh near impossible to get around
it - unless it was poorly configured.

To make this post worthwhile, here is a snippet out of my own
/etc/hosts.deny file...

====8<------ cut out of /etc/hosts.deny ----------

# /etc/hosts.deny
#
# deny all, send an alert email to root...
ALL : ALL : \
	banners /etc/banners/deny : \
	spawn ( \
/bin/echo -e "\n\
TCP Wrappers\:	Connection Refused\n\
By\:		$(uname -n)\n\
Process\:	%d (pid %p)\n\
\n\
User\:		%u\n\
Host\:		%c\n\
Date\:		$(date)\n\
" | /bin/mail -s "$(uname -n) wrappers\: %d refused for %c" \
root@localhost ) &

====8<------ end of cut --------------------------

This will deny access to anyone not specifically allowed (from
/etc/hosts.allow), give banners message (specific for the daemon being
called - see the man pages), and generate a very informative mail message
sent to root.  (You can add other recipients to that line, btw).

We have found this to be VERY useful here...

Cheers
Tony
 -=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
  Tony Nugent <Tony.Nugent@usq.edu.au>           <linux@usq.edu.au>
  Computer Systems Officer                       Faculty of Science
  University of Southern Queensland, Toowoomba Queensland Australia
 -=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
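
The lookup order this setup depends on (hosts.allow is consulted first, then hosts.deny, and a client matching neither is granted access), as an added Python sketch that is not part of the original message. It handles only ALL, exact names, leading-dot domains and trailing-dot address prefixes; the hosts.allow entries and client addresses are constructed, and the deny rule is a shortened form of the one in the post.

```python
import re

# Constructed sample hosts.allow; the deny rule is shortened from the post.
ALLOW = r"""
sshd    : .example.edu 192.0.2.
portmap : 192.0.2.
"""
DENY = r"""
# deny all, send an alert email to root...
ALL : ALL : \
    banners /etc/banners/deny : \
    spawn ( /bin/echo "%d refused for %c" | \
    /bin/mail -s "wrappers\: %d refused" root@localhost ) &
"""

def parse_rules(text):
    """Return [(daemon_list, client_list)] from hosts.allow/hosts.deny text."""
    joined = re.sub(r"\\\n", "", text)        # backslash-newline continues a rule
    rules = []
    for line in joined.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = re.split(r"(?<!\\):", line)  # "\:" is an escaped colon, not a separator
        if len(fields) >= 2:
            rules.append((re.split(r"[,\s]+", fields[0].strip()),
                          re.split(r"[,\s]+", fields[1].strip())))
    return rules

def matches(pattern, value):
    if pattern == "ALL":
        return True
    if pattern.startswith("."):               # .example.edu matches any host under it
        return value.endswith(pattern)
    if pattern.endswith("."):                 # 192.0.2. matches that address prefix
        return value.startswith(pattern)
    return pattern == value

def rule_hits(rules, daemon, names):
    return any(any(matches(d, daemon) for d in daemons) and
               any(matches(c, n) for c in clients for n in names)
               for daemons, clients in rules)

def decide(daemon, host, addr, allow_text, deny_text):
    names = [n for n in (host, addr) if n]    # a client is matched by name or address
    if rule_hits(parse_rules(allow_text), daemon, names):
        return "allow"
    if rule_hits(parse_rules(deny_text), daemon, names):
        return "deny"
    return "allow"                            # matched neither file: access is granted
```

Calling `decide` with an empty deny text shows what the `ALL : ALL` rule changes: a client absent from hosts.allow is then granted access.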
