19.6 Check TCP Wrapper ResponsesTCP Wrappers will log attempted connections which are denied due to the rules specified in /etc/hosts.allow and /etc/hosts.deny. TCP Wrappers will not log allowed connections because it assumes that the underlying service will log these if desired. The service name that appears after the host name is the seventh field in the /etc/inetd.conf file, which is "server program arguments." The tcpd program will strip up to the last slash, if any, when logging this name. This would be the name of the normal daemon, for example, in.telnetd. This is followed by the PID, in brackets, of the tcpd process that was started by inetd as specified in the /etc/inetd.conf file. The rest of the line will be refused connect from cracker.com, where cracker.com is the system whose request was denied. |
Top |