Re: heard all the who-haha? (DNS resolver problems)

[Donovan Baarda <abo@minkirri.apana.org.au>]

On Tue, 12 Aug 1997, Al Youngwerth wrote:

[snip]
> 
> I believe it's your tcp wrappers in inetd.conf. If you aren't using the
> security features that tcp wrappers gives you, just edit your inetd.conf
> file so it doesn't use tcpd:
> 
> From:
> 
> telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.telnetd
> 
> To:
> 
> telnet stream tcp nowait root /usr/sbin/in.telnetd
> 
> Keep in mind that, short of your firewall rules, this will allow anyone to
> receive a login prompt to your machine from the Internet.
> 
which is why it is a bad idea. This is yet again only an attempt to bypass
the problem, not fix the cause. 

As it turns out, it looks like this would not work anyway, at least 
for "who". It looks like the delay is not caused by the DNS lookups for
the "ALL:PARANIOD" validation by tcpd, but by who attempting to do a DNS
lookup of an invalid hostname.

However, in the case of the problems with telnet, it looks like something
different is going on. The fact that adding the host to your /etc/hosts
file seemed to fix it tends to suggest that there is some other problem
with your bind configuration.

ABO


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .