On Mon, 2008-07-07 at 15:28 -0700, MHR wrote:
On Mon, Jul 7, 2008 at 3:04 PM, William L. Maltby CentOS4Bill@triad.rr.com wrote:
I figure you've probably checked this already, but is rcpwrappers installed?
No, not on either system (what is rcpwrappers?).
A typoed tcpwrappers <*blush*>. I'm sorry for that.
If so, are hosts.deny and hosts.allow set up good? I suspect so - I think I saw you had some kind of successful connect earlier in the thread.
They're fine. In fact, sushi is in khan's /etc/hosts file explicitly, and khan thinks it's on ocroads.com:
That file is not related to tcpwrappers. The /etc/hosts.{allow,deny} are effective if tcpwrappers is in use.
# rpm -q tcp_wrappers
tcp_wrappers-7.6-40.4.el5
IIRC, this is usually installed by default? It's almost become mandatory for increased security.
But as I mentioned, I'm not sure this is needed or in use since you did have some kind of good connection.
JIC
-----------------------------------------------------
# rpm -q --info tcp_wrappers
<snip>
Summary     : A security tool which acts as a wrapper for TCP daemons.
Description :
The tcp_wrappers package provides small daemon programs which can
monitor and filter incoming requests for systat, finger, FTP, telnet,
rlogin, rsh, exec, tftp, talk and other network services.

Install the tcp_wrappers program if you need a security tool for
filtering incoming network services requests.
-----------------------------------------------------
Also, check out "man portmap" and "man rpcdebug". I don't know if they'll help.
Oh! IJR, do this thing after running makewhatis as root.
$ man -k rpc
<snip useless stuff>
portmap (8) - DARPA port to RPC program number mapper
portmap (rpm) - A program which manages RPC connections.
rpc (3) - library routines for remote procedure calls
rpc (5) - rpc program number data base
rpc.gssd [gssd] (8) - rpcsec_gss daemon
rpc.idmapd [idmapd] (8) - NFSv4 ID <-> Name Mapper
rpc.lockd [lockd] (8) - start kernel lockd process
rpc.mountd [mountd] (8) - NFS mount daemon
rpc.nfsd [nfsd] (8) - NFS server process
rpc.rquotad [rquotad] (8) - remote quota server
rpc.statd [statd] (8) - NSM status monitor
rpc.svcgssd [svcgssd] (8) - server-side rpcsec_gss daemon
rpcdebug (8) - set and clear NFS and RPC kernel debug flags
rpcinfo (8) - report RPC information
I can't recall if your problem is one of those "worked on 5.1 but now..." problems. If so, maybe the prior had tcpwrappers set up and now you don't?
[mrichter@khan mrichter]$ hostname -f
khan.ocroads.com
Have you run with the -d parameter?
Nothing new (actually, nothing at all).
?!?
mhr
<snip sig stuff>
BTW, IUC, there are several points at which connection can be refused. Service not running, firewall, tcpwrappers, ... that general purpose daemon that dispatches programs for remote requests like ftp, that I can't remember the name of ATM.
HTH
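
An added example, not part of the original message: a shell sketch of how tcpwrappers decides between /etc/hosts.allow and /etc/hosts.deny for one daemon and one client, which is one of the refusal points listed above. It implements only a subset of hosts_access(5) (no EXCEPT, netmasks or shell options) and matches a single client string, whereas the real library checks both host name and address; the function names, the client sushi.ocroads.com and the sample rules are constructed for illustration.

```shell
# Simplified subset of hosts_access(5): ALL, exact names, ".domain", "a.b.c."
# pat_match PATTERN VALUE: succeed if VALUE matches one pattern
pat_match() {
    case "$1" in
        ALL) return 0 ;;
        .*)  case "$2" in *"$1") return 0 ;; esac ;;  # suffix, e.g. .ocroads.com
        *.)  case "$2" in "$1"*) return 0 ;; esac ;;  # prefix, e.g. 192.168.1.
        *)   [ "$1" = "$2" ] && return 0 ;;
    esac
    return 1
}

# list_match LIST VALUE: LIST is comma/blank separated; subshell keeps set -f local
list_match() (
    set -f
    for p in $(printf '%s' "$1" | tr ',' ' '); do
        pat_match "$p" "$2" && exit 0
    done
    exit 1
)

# rule_hit FILE DAEMON CLIENT: succeed if a "daemons : clients" line matches
rule_hit() {
    [ -r "$1" ] || return 1
    while IFS= read -r line; do
        case "$line" in '#'*) continue ;; *:*) ;; *) continue ;; esac
        daemons=${line%%:*}
        rest=${line#*:}
        clients=${rest%%:*}   # ignore any trailing ": option" field
        list_match "$daemons" "$2" && list_match "$clients" "$3" && return 0
    done < "$1"
    return 1
}

# wrappers_verdict ALLOW DENY DAEMON CLIENT: hosts.allow first, then hosts.deny
wrappers_verdict() {
    if rule_hit "$1" "$3" "$4"; then echo "allow (hosts.allow)"
    elif rule_hit "$2" "$3" "$4"; then echo "deny (hosts.deny)"
    else echo "allow (no rule matched)"
    fi
}

d=$(mktemp -d)   # constructed sample rules, not from the thread's hosts
printf 'portmap: .ocroads.com, 192.168.1.\n' > "$d/allow"
printf 'ALL: ALL\n' > "$d/deny"
for c in sushi.ocroads.com 10.0.0.5; do
    echo "portmap from $c: $(wrappers_verdict "$d/allow" "$d/deny" portmap "$c")"
done
rm -rf "$d"
```

Pointing wrappers_verdict at the real /etc/hosts.allow and /etc/hosts.deny shows which file, if either, decides a given daemon and client pair; it only matters for daemons that actually use tcpwrappers.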