- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: tcp wrappers and user info
Operating System - HP-UX
1753774
Members
7205
Online
108799
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-03-2003 02:14 AM
тАО03-03-2003 02:14 AM
tcp wrappers and user info
I have installed the tcp wrappers on two of our HP systems, and notice that when I connect from some HP hosts the connect information consists of user@hostname, while others only supply hostname. The HP-UX ver 10 systems appear to supply user@hostname but the ver 11 systems are variable. One HP-UX ver 11 system will only supply hostname on the first connection, but will then supply user@hostname for subsequent connections. Checking the ident server, these possess identical CRC's on servers supplying user@hostname or hostname; so I assume that ident is not the culprit.
The inetd.conf files appear to be identical or nearly identical, and we do not use inetd.sec; so what am I missing?
The inetd.conf files appear to be identical or nearly identical, and we do not use inetd.sec; so what am I missing?
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-03-2003 11:47 AM
тАО03-03-2003 11:47 AM
Re: tcp wrappers and user info
Hi,
What about of your /etc/ftpd/ftpaccess?
On 10.20 you need have been setup a wu_ftpd software.
For detailed info pls chk "man ftpaccess"
Rgds.
What about of your /etc/ftpd/ftpaccess?
On 10.20 you need have been setup a wu_ftpd software.
For detailed info pls chk "man ftpaccess"
Rgds.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-03-2003 12:07 PM
тАО03-03-2003 12:07 PM
Re: tcp wrappers and user info
Is the rfp931 setting the same in both tcpd.conf files?
- Chris
- Chris
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-04-2003 01:26 AM
тАО03-04-2003 01:26 AM
Re: tcp wrappers and user info
Both hosts using the tcp wrappers have user lookup enabled, RFC 931 (or similar)was the one mentioned in the wrappers, though I think that this has now been superseded (see man identd).
It is the hosts connecting to these wrapped systems which show the variablity in whether the connection is logged as user@hostname or merely hostname. The reason I am trying to achieve the more detailed user@hostname info is that it is much more useful for identifying users who are permitted to make a particular type of connection; and blocking all others (rlogin, remsh, & rexec in particular).
The thing I find hard to understand is why one of the connecting hosts changes its connect information; I would have expected the same information to be supplied each time it connects. I can understand that HP could consider giving out the user name is a security risk, but why do some systems still give it out, others protect it, and one changes its mind.
I suspect that some patch has blocked it on some of the systems; but this is only a guess. A patch would not explain why one host changes the information supplied, so a timeout problem is my second guess. I was not testing FTP connections, so I did not consider /etc/ftpusers to be involved. Will check tomorrow.
Microsoft systems never seem to supply user details on a connection; another broken standard.
It is the hosts connecting to these wrapped systems which show the variablity in whether the connection is logged as user@hostname or merely hostname. The reason I am trying to achieve the more detailed user@hostname info is that it is much more useful for identifying users who are permitted to make a particular type of connection; and blocking all others (rlogin, remsh, & rexec in particular).
The thing I find hard to understand is why one of the connecting hosts changes its connect information; I would have expected the same information to be supplied each time it connects. I can understand that HP could consider giving out the user name is a security risk, but why do some systems still give it out, others protect it, and one changes its mind.
I suspect that some patch has blocked it on some of the systems; but this is only a guess. A patch would not explain why one host changes the information supplied, so a timeout problem is my second guess. I was not testing FTP connections, so I did not consider /etc/ftpusers to be involved. Will check tomorrow.
Microsoft systems never seem to supply user details on a connection; another broken standard.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP