RE: /etc/hosts.deny "booby trap"

To: debian-user list <debian-user@lists.debian.org>
Subject: RE: /etc/hosts.deny "booby trap"
From: Pollywog <pollywog@shadypond.com>
Date: Sat, 11 Dec 1999 18:54:58 -0000 (UTC)
Message-id: <[🔎] XFMail.19991211185458.pollywog@shadypond.com>
Reply-to: Pollywog <pollywog@shadypond.com>
In-reply-to: <[🔎] 19991211093934.A9566@champagne>

On 11-Dec-1999 David Karlin wrote:
> Hello,
> The manpage of HOSTS_ACCESS has a section called "BOOBY TRAPS" which
> describes how to automatically to do a finger on a machine which
> is denied network via /etc/hosts.deny, and mail its output to root.
> 
> I'm attmpting to set this up so that any telnet request from outside
> my lan is denied and the output of a finger on the offending machine
> is sent to me.
> 
> Here are my access files:
> 
> /etc/hosts.deny:i
># next line is "booby trap" for denied telnet requests
> in.telnetd: ALL: (/usr/bin/finger -l @%h | /usr/bin/mail -s %d-%h root) &
> ALL: PARANOID
> ALL: ALL
> 
> /etc/hosts.allow:
> ALL: LOCAL, .my-net, 192.168.1.
> 
> Access seems to be denied (and granted) as I'd like it to be, but the
> "booby trap" doesn't seem to work.  I copied the example in the manpage
> for HOSTS_ACCESS, changing the things specific for my network, but it
> just doesn't seem to do the finger and mail the output.
> 
> Has anyone gotten this to work?

Try something like this:

ALL:ALL : spawn (echo Attempt from %h %a to %d at `date` | tee -a
/var/log/tcp.deny.log |mail your@emailaddresshere.com)

BTW it is all on one line, no carriage return.

--
Andrew

Reply to:

Follow-Ups:
- Re: /etc/hosts.deny "booby trap"
  - From: Mark Wagnon <mwagnon1@home.com>

References:
- /etc/hosts.deny "booby trap"
  - From: David Karlin <dkarlin@coloradomtn.edu>

Prev by Date: Re: Ispell module for html files
Next by Date: Re: Mail servers for large numbers of users
Previous by thread: /etc/hosts.deny "booby trap"
Next by thread: Re: /etc/hosts.deny "booby trap"
Index(es):
- Date
- Thread