Hello,
We have a DU 4.0 system acting as an FTP server. We have the enhanced
security packages installed. We have a customer who changed ISPs and now
they can no longer connect to our system.
My hunch is that as part of the C2 security, our system is doing reverse
lookups and the customer is now coming from an IP address that doesn't
resolve correctly and that is why their connection attempts are failing.
I checked auth.log; there were a bunch of entries like this:
May 10 13:13:18 gateway syslog: gethostby*.getanswer: asked for
"194.166.96.209.in-addr.arpa IN PTR", got type "CNAME"
May 10 13:13:18 gateway syslog: gethostby*.getanswer: asked for
"194.166.96.209.in-addr.arpa", got "194.192/26.166.96.209.in-addr.arpa"
I'm not sure what to make of those entries.
Our hosts.allow doesn't have any restrictions for FTP.
Is my hunch correct? Is there anything I can do to permit access that
doesn't totally undermine our network security? And what do those entries in
the auth.log file really mean?
As always, thanks so much for the help!
Regards,
Jon
--
Jon Wright
Altra Software Services, Inc.
voice: 425-814-4019
fax: 425-814-4001
mailto:jwright_at_altra.com
Received on Thu May 11 2000 - 00:58:43 NZST