Re: tcp wrapper
Brandon Mitchell wrote:
>
> I think Tim asked about tcp wrappers a bit ago (sorry, already deleted
> it). The hosts_options man page has details on the severity option so you
> can change the logging of each line in your hosts.allow|deny (I know this
> can be tedious). E.g.:
>
> 1) add the /var/log/tcpd.log
> 2) edit /etc/syslog.conf and add a local0
> 3) restart syslogd
> 4) edit /etc/hosts.allow|deny
>
> in.telnetd:ALL: severity local0.notice: spawn (/usr/sbin/safe_finger @%h \
> | /usr/bin/mail -s "telnet from %h" bhmit1): ALLOW
>
> Note, this is overlogging in my opinion, but I prefer ssh over telnet, so
> a bit of mail never hurts either.
This is exactly what I needed to know. On the machines (other than
Debian) I've built tcp wrappers on, I always log to local0. I never
knew you could do it from within hosts.allow|deny!
Thanks,
Tim
--
(work) sailer@bnl.gov / (home) tps@buoy.com - http://www.buoy.com/~tps
"It is a damned poor mind indeed that can't think of at
least two ways of spelling any word."
Andrew Jackson
** Disclaimer: My views/comments/beliefs, as strange as they are, are my own.**
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: