[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] SSH

Subject: Re: [cobalt-security] SSH
From: John Calderon <john@xxxxxxxxxxx>
Date: Mon, 26 Nov 2001 12:32:46 -0800
Organization: Timogen
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Terrance Dwyer wrote:

> Can anyone enlighten me as to the meaning of the following log messages.
> I'm seeing them with increasing frequency and can't seem to find info
> elsewhere.
>
> >From messages:
> www PAM_pwdb[3699]: check pass; user unknown
> www sshd[26755]: Did not receive identification string from 212.28.154.100
>
> and from secure:
> warning: /etc/hosts.deny, line 10: can't verify hostname:
> gethostbyname(pD9E11183.dip0.t-ipconnect.de
>
> Thanks
>
> T. Dwyer
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security

you need to have dns resolve to the same hostname forward and reverse

ie

192.168.100.1  - > mycomputer.place.com
mycomputer.place.com -> 192.168.100.1

you need to be incharge ( delegated to serve up 100.168.192.in-addr.arpa
network ) to modify those dns names.

john

or you can take out the option in hosts.allow/deny for
#  check reverse dns == dns given
#ALL : PARANOID : RFC931 20 : deny

References:
- [cobalt-security] SSH
  - From: Terrance Dwyer

Prev by Date: Re: [cobalt-security] Help changin Logcheck cron entries.
Next by Date: Re: [cobalt-security] neomail on RAQ02
Previous by thread: [cobalt-security] SSH
Next by thread: [cobalt-security] Re: ssh

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index