[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Xinetd râle beaucoup

Lorsque je me connecte à Internet, Xinetd m'envoie environ une dizaine
de lignes par minute lignes comme ci-dessous dans les fichiers de log :

Jan 30 21:14:54 bazooka xinetd[6168]: libwrap refused connection to \
     ident from <no address>
Jan 30 21:14:54 bazooka xinetd[6169]: libwrap refused connection to \
     ident from <no address>
Jan 30 21:14:54 bazooka xinetd[6170]: libwrap refused connection to \
     ident from <no address>
Jan 30 21:14:54 bazooka xinetd[6171]: libwrap refused connection to \
     ident from <no address>
...
Jan 30 21:14:54 bazooka xinetd[6168]: warning: can't get client \
    address: Transport endpoint is not connected
Jan 30 21:14:54 bazooka xinetd[6168]: libwrap refused connection \
    to ident from <no address>
Jan 30 21:14:54 bazooka xinetd[6169]: warning: can't get client \
    address: Transport endpoint is not connected
Jan 30 21:14:54 bazooka xinetd[6169]: libwrap refused connection \
    to ident from <no address>
Jan 30 21:14:54 bazooka xinetd[6170]: warning: can't get client \
    address: Transport endpoint is not connected
Jan 30 21:14:54 bazooka xinetd[6170]: libwrap refused connection \
    to ident from <no address>
Jan 30 21:14:54 bazooka xinetd[6171]: warning: can't get client \
    address: Transport endpoint is not connected
Jan 30 21:14:54 bazooka xinetd[6171]: libwrap refused connection \
    to ident from <no address>
Jan 30 21:14:54 bazooka xinetd[607]: Deactivating service ident \
    due to excessive incoming connections.  Restarting in 10 seconds.
Jan 30 21:15:04 bazooka xinetd[607]: Activating service ident

(les lignes sont coupées volontairement à moins de 72 caractères)

Iptables est activé. Le site www.grc.com (Shields Up) m'indique que tous
les ports sont fermés.

Tout le trafic Internet se passe normalement (Web, FTP passif, pop3,
smtp, nntp, ntp,..)

Voici mes fichiers hosts.allow et hosts.deny :

# /etc/hosts.allow: list of hosts that are allowed to access the system.
#-- leafnode begin
leafnode: 127.0.0.1
#-- leafnode end
ALL: 127.0.0.1
sshd, smbd, proftpd, swat: 192.168.13.

# /etc/hosts.deny: list of hosts that are _not_ allowed to access the
ALL: ALL
#-- leafnode begin
leafnode: ALL
#-- leafnode end

Mon réseau local est bien en 192.168.13.0
J'ai aussi logchecks et snort qui tournent.

D'où proviennent toutes ces lignes d'erreur ?

Merci par avance.
Reply to: