Thanks for the suggestions of making sure /etc/hosts.allow and
/etc/hosts.deny are setup correctly, checking /etc/inetd.conf (and kill
-HUP of inetd), and using tcpdchk and tcpdmatch to check for problems and
do testing.
The problem was the user was coming through using SSH... which is not in
inetd.conf. All access in inetd.conf WAS disallowed for him as it should
have been.
Do I just add a similar line into inetd.conf for ssh then for it to be
wrapped as well?
Thanks,
--Dan
...
> options... and set hosts.allow to only the local subnet .phy.syr.edu, and
> hosts.deny to ALL:ALL
>
> I try and can't get in from my home cable roadrunner, good.
> I have someone legitimately coming in from china,
> 202.116.84.110/denali.zsu.edu.cn (nslookup: can't find 202.116.84.110:
> Non-existent host/domain) and it lets him in!--- BAD
--------------------------------------------------------------------------
Dan Kirkpatrick dkirk_at_phy.syr.edu
Computer Systems Manager
Department of Physics
Syracuse University, Syracuse, NY
http://www.phy.syr.edu/~dkirk Fax: (315) 443-9103
--------------------------------------------------------------------------
Received on Wed Jan 26 2000 - 17:19:22 NZDT