[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] SSH
- Subject: Re: [cobalt-security] SSH
- From: John Calderon <john@xxxxxxxxxxx>
- Date: Mon, 26 Nov 2001 12:32:46 -0800
- Organization: Timogen
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Terrance Dwyer wrote:
> Can anyone enlighten me as to the meaning of the following log messages.
> I'm seeing them with increasing frequency and can't seem to find info
> elsewhere.
>
> >From messages:
> www PAM_pwdb[3699]: check pass; user unknown
> www sshd[26755]: Did not receive identification string from 212.28.154.100
>
> and from secure:
> warning: /etc/hosts.deny, line 10: can't verify hostname:
> gethostbyname(pD9E11183.dip0.t-ipconnect.de
>
> Thanks
>
> T. Dwyer
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
you need to have dns resolve to the same hostname forward and reverse
ie
192.168.100.1 - > mycomputer.place.com
mycomputer.place.com -> 192.168.100.1
you need to be incharge ( delegated to serve up 100.168.192.in-addr.arpa
network ) to modify those dns names.
john
or you can take out the option in hosts.allow/deny for
# check reverse dns == dns given
#ALL : PARANOID : RFC931 20 : deny