I start my pop-server popper over the inetd with the tcpwrapper and want to
deny every connection except the local network. I know about all the other possibilities but now I want to know how exactly the wrapper works.
Hi, the syntax of hosts.deny depends on your inetd.conf. Since you're using SuSE I guess your pop3 service is tcp-wrapped like this: pop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/popper -s So the correct syntex of hosts.deny is: popper: ALL EXCEPT [priv. Networks/Hosts etc] You need to have a new line after the last statement in your hosts.deny - otherwise the statement will not have effect. Check your /var/log/warn You may notice: Sep 29 11:30:32 medusa popper[13975]: warning: /etc/hosts.deny, line 5: missing newline or line too long Kind regards Marek Stiefenhofer (Netzdienste/IT Security) ECOFIS GmbH Tel.: (02 31) 75 45-1 17 FAX : (02 31) 75 45-2 22 e-mail: m.stiefenhofer@ecofis.de Wir sind vom 6. bis 10. November auf der SYSTEMS 2000. Vereinbaren Sie einen Termin oder kommen Sie einfach spontan vorbei. ECOFIS GmbH: Halle B3 113/214 | ComNetMedia AG: Halle B3 314 Besuchen Sie auch unseren neuen Online-Dienst: http://www.alleco.de
participants (1)
-
Stiefenhofer, Marek ECOFIS