HPE Community
Operating System - HP-UX
1753774 Members
7205 Online
108799 Solutions
New Discussion юеВ

Re: tcp wrappers and user info

 
George Spencer
Occasional Contributor

тАО03-03-2003 02:14 AM

тАО03-03-2003 02:14 AM

tcp wrappers and user info

I have installed the tcp wrappers on two of our HP systems, and notice that when I connect from some HP hosts the connect information consists of user@hostname, while others only supply hostname. The HP-UX ver 10 systems appear to supply user@hostname but the ver 11 systems are variable. One HP-UX ver 11 system will only supply hostname on the first connection, but will then supply user@hostname for subsequent connections. Checking the ident server, these possess identical CRC's on servers supplying user@hostname or hostname; so I assume that ident is not the culprit.

The inetd.conf files appear to be identical or nearly identical, and we do not use inetd.sec; so what am I missing?
0 Kudos
Reply
3 REPLIES 3
Jose Mosquera
Honored Contributor

тАО03-03-2003 11:47 AM

тАО03-03-2003 11:47 AM

Re: tcp wrappers and user info

Hi,

What about of your /etc/ftpd/ftpaccess?

On 10.20 you need have been setup a wu_ftpd software.

For detailed info pls chk "man ftpaccess"

Rgds.
0 Kudos
Reply
Chris Wong
Trusted Contributor

тАО03-03-2003 12:07 PM

тАО03-03-2003 12:07 PM

Re: tcp wrappers and user info

Is the rfp931 setting the same in both tcpd.conf files?

- Chris
0 Kudos
Reply
George Spencer
Occasional Contributor

тАО03-04-2003 01:26 AM

тАО03-04-2003 01:26 AM

Re: tcp wrappers and user info

Both hosts using the tcp wrappers have user lookup enabled, RFC 931 (or similar)was the one mentioned in the wrappers, though I think that this has now been superseded (see man identd).

It is the hosts connecting to these wrapped systems which show the variablity in whether the connection is logged as user@hostname or merely hostname. The reason I am trying to achieve the more detailed user@hostname info is that it is much more useful for identifying users who are permitted to make a particular type of connection; and blocking all others (rlogin, remsh, & rexec in particular).

The thing I find hard to understand is why one of the connecting hosts changes its connect information; I would have expected the same information to be supplied each time it connects. I can understand that HP could consider giving out the user name is a security risk, but why do some systems still give it out, others protect it, and one changes its mind.

I suspect that some patch has blocked it on some of the systems; but this is only a guess. A patch would not explain why one host changes the information supplied, so a timeout problem is my second guess. I was not testing FTP connections, so I did not consider /etc/ftpusers to be involved. Will check tomorrow.

Microsoft systems never seem to supply user details on a connection; another broken standard.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.