On Mon, 2008-07-07 at 15:28 -0700, MHR wrote: > On Mon, Jul 7, 2008 at 3:04 PM, William L. Maltby > <CentOS4Bill at triad.rr.com> wrote: > > > > I figure you've probably checked this already, but is rcpwrappers > > installed? > > No, not on either system (what is rcpwrappers?). A typoed tcpwrappers <*blush*>. I'm sorry for that. > > > If so, are hosts.deny and hosts.allow setup good? I suspect > > so - I think I saw you had some kind of successful connect earlier in > > the thread. > > > They're fine. In fact, sushi is in khan's /etc/hosts file explicitly, > and khan thinks it's on ocroads.com: That file is not related to tcpwrappers. The /etc/hosts.{allow,deny} are effective if tcpwrappers is in use. # rpm -q tcp_wrappers tcp_wrappers-7.6-40.4.el5 IIRC, this is usually installed by default? It's almost become a mandatory for increased security. But as I mentioned, I'm not sure this is needed or in use since you did have some kind of good connection. JIC ----------------------------------------------------- # rpm -q --info tcp_wrappers <snip> Summary : A security tool which acts as a wrapper for TCP daemons. Description : The tcp_wrappers package provides small daemon programs which can monitor and filter incoming requests for systat, finger, FTP, telnet, rlogin, rsh, exec, tftp, talk and other network services. Install the tcp_wrappers program if you need a security tool for filtering incoming network services requests. ----------------------------------------------------- Also, check out "man portmap" and "man rpcdebug". I don't know if they'll help. Oh! IJR, do this thing after running makewhatis as root. $ man -k rpc <snip useless stuff> portmap (8) - DARPA port to RPC program number mapper portmap (rpm) - A program which manages RPC connections. rpc (3) - library routines for remote procedure calls rpc (5) - rpc program number data base rpc.gssd [gssd] (8) - rpcsec_gss daemon rpc.idmapd [idmapd] (8) - NFSv4 ID <-> Name Mapper rpc.lockd [lockd] (8) - start kernel lockd process rpc.mountd [mountd] (8) - NFS mount daemon rpc.nfsd [nfsd] (8) - NFS server process rpc.rquotad [rquotad] (8) - remote quota server rpc.statd [statd] (8) - NSM status monitor rpc.svcgssd [svcgssd] (8) - server-side rpcsec_gss daemon rpcdebug (8) - set and clear NFS and RPC kernel debug flags rpcinfo (8) - report RPC information I can't recall if your problem is one of those "worked on 5.1 but now..." problems. If so, maybe the prior had tcpwrappers setup and now you don't? > > [mrichter at khan mrichter]$ hostname -f > khan.ocroads.com > > > Have you run with the -d parameter? > > > > Nothing new (actually, nothing at all). > > ?!? > > mhr > <snip sig stuff> BTW, IUC, there are several points at which connection can be refused. Service not running, firewall, tcpwrappers, ... that general purpose daemon that dispatches programs for remote requests like ftp, that I can't remember the name of ATM. HTH -- Bill