[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: tcp wrapper



I think Tim asked about tcp wrappers a bit ago (sorry, already deleted
it).  The hosts_options man page has details on the severity option so you
can change the logging of each line in your hosts.allow|deny (I know this
can be tedious).  E.g.:

1) add the /var/log/tcpd.log
2) edit /etc/syslog.conf and add a local0
3) restart syslogd
4) edit /etc/hosts.allow|deny

in.telnetd:ALL: severity local0.notice: spawn (/usr/sbin/safe_finger @%h \
 | /usr/bin/mail -s "telnet from %h" bhmit1): ALLOW

Note, this is overlogging in my opinion, but I prefer ssh over telnet, so
a bit of mail never hurts either.

Enjoy,
Brandon

-----
Brandon Mitchell <bhmit1@mail.wm.edu>   "We all know linux is great... it
PGP: finger -l bhmit1@cs.wm.edu          does infinite loops in 5 seconds"
Phone: (757) 221-4847                      --Linus Trovalds


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .


Reply to: