- Community Home
- >
- Servers and Operating Systems
- >
- Legacy
- >
- Operating System - Tru64 Unix
- >
- Re: FTP Paranoia
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2007 01:58 PM
12-10-2007 01:58 PM
We are seeing a number of errors with DNS reverse name resolution due to TRU64 using a 'paranoia' mode where a connection fails even when made using an ip address rather than a hostname. Is it it possible to run ftpd on a TRU64 server so that connections using ip addresses are not affected by DNS issues. I am aware that the correct solution is to fix the DNS issues, but unfortunately that doesn't look likely to happen.
Thanks,
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2007 03:04 PM
12-10-2007 03:04 PM
			
				
					
						
							Re: FTP Paranoia
						
					
					
				
			
		
	
			
	
	
	
	
	
Any chance of letting us see them, too?
> [...] connection fails [...]
How, exactly?
From this description, it's hard for me to
tell what's happening. An FTP client with
no/bad reverse look-up has some kind of
problem connecting to the Tru64 FTP server?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2007 03:16 PM
12-10-2007 03:16 PM
			
				
					
						
							Re: FTP Paranoia
						
					
					
				
			
		
	
			
	
	
	
	
	
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2007 08:47 PM
12-10-2007 08:47 PM
			
				
					
						
							Re: FTP Paranoia
						
					
					
				
			
		
	
			
	
	
	
	
	
> hostname [...]
That's what I was trying to convey, but no
matter. I don't know of a good way to get
the ftpd not to care, nor a good way to make
the DNS resolver fail faster. Perhaps some
other FTP server is more easily/obviously
configurable in this neighborhood. If the
DNS problem were confined to a reasonably
small set of known clients, perhaps the easy
way out would be to add them to /etc/hosts:
add.re.ss.x lame_ftp_client_1
add.re.ss.y lame_ftp_client_2
[...]
(assuming that /etc/nsswitch.conf says
something like:
hosts: files dns nis
with "files" before "dns". (Also assuming
that your unspecified Tru64 version uses
nsswitch.conf.)
It's simple, crude, and potentially
effective. Who could ask for more?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2007 05:38 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2007 07:12 AM
12-11-2007 07:12 AM
			
				
					
						
							Re: FTP Paranoia
						
					
					
				
			
		
	
			
	
	
	
	
	
Cheers,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-13-2007 03:16 AM
12-13-2007 03:16 AM
			
				
					
						
							Re: FTP Paranoia
						
					
					
				
			
		
	
			
	
	
	
	
	
Another thing to consider is whether you're running enhanced security...
Looking at the man page for matrix.conf:
http://h30097.www3.hp.com/docs/base_doc/DOCUMENTATION/V51A_HTML/MAN/MAN4/0106____.HTM
you can see that ftpd is affected by it. You may be able to tweek things in there to change how ftpd handles things...
Cheers,
Rob
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-13-2007 03:39 AM
12-13-2007 03:39 AM
			
				
					
						
							Re: FTP Paranoia
						
					
					
				
			
		
	
			
	
	
	
	
	
I'll check the C2 security stuff out though.
Bryan.
