Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.eng.convex.com!newshost.convex.com!newsgate.duke.edu!news.mathworks.com!newsfeed.internetmci.com!news.sprintlink.net!news-stk-200.sprintlink.net!news.sprintlink.net!new-news.sprintlink.net!newsreader.sprintlink.net!news.sprintlink.net!news-pen-4.sprintlink.net!southwind.net!jade!stehman From: stehman@jade.southwind.net (Jeff Stehman) Newsgroups: comp.unix.bsd.bsdi.misc Subject: Re: Tcp Wrapper Date: 12 Jul 1996 15:56:22 GMT Organization: SouthWind Internet Access, Inc. Lines: 22 Message-ID: <4s5sj6$i1m@opal.southwind.net> References: <31E5C432.3A25@soonet.ca> NNTP-Posting-Host: jade.southwind.net X-Newsreader: TIN [version 1.2 PL2] Don Joy (joydon@soonet.ca) wrote: : I'm using bsd 2.1 and i'm running tcp wrapper to limit who can access : services, especially telnet. It works great except if someone telnets : in using a port parameter such as "telnet host 119". In this case, the : access list seems to be bypassed entirely and they are givin access : where they wouldn't normally have been. Anyone have a workaround for : this. Thanks. When they telnet to a port other than 23, they are not talking to telnetd and therefore not talking to its wrapper. Tcp wrapper only works for servers started by inetd. With others you'll need to use their native security or use a different wrapper or modify it to do what you want. You mentioned 119 (news), which is a good example. If you're running innd you can restrict access through various innd config files. (I'm sure you can with other news software, too, I'm just not familiar with them.) -- Jeff Stehman Senior Systems Administrator stehman@southwind.net SouthWind Internet Access, Inc. voice: (316)263-7963 Wichita, KS URL for Wichita Area Chamber of Commerce: http://www.southwind.net/ict/