SUMMARY: Solaris 7 and TCP_Wrapper

From: White, Bob <>
Date: Fri Mar 20 2009 - 09:24:41 EDT
Thanks to all who responded, and especially to John Heiden and Ric
Anderson for suggestions on tracking this down.

The answer was to add this line to the syslog.conf file:				/var/adm/messages

Now I get messages about ftp access.

Thanks again everyone.

Original messages follows:
The cyber security people here came down and dinged me because my
Solaris 7 system didn't have the 23 line banner coming up that warned
people of dire consequences should they be unauthorized to continue.  It
was suggested that I get the TCP_Wrappers package and get it working on
my systems.

I got the 7.6 version, got it compiled, changed the inetd.conf file as
called for, got the banner file created, and bingo, I have an approved
banner popping up when I ftp to that system.  Nevermind that I am the
only one who ever ftp's into it, that is besides the point.

So what is the problem?  The documentation says that ftp attempts and
successes are logged to a file.  I can't find any file with any such
info.  Where could it be going?  The syslogd service is running, and
this is the syslog.conf file.

    *.err;kern.notice;auth.notice   /dev/sysmsg
    *.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
    auth.notice     /var/adm/secure.log

    *.alert;kern.err;daemon.err   operator
    *.alert      root

    *.emerg      *

    mail.debug   ifdef(`LOGHOST', /var/log/syslog, @loghost)

I've looked in all the files listed, and there is nothing in any of them
on ftp access.  I have rebooted since setting up the tcp_wrappers, and
still can't find anything.

Any help would be appreciated.

Bob White
M/S NLV075
Office: 702-295-2939
Cell: 702-630-0352
Pager: 702-794-1809
Fax: 702-295-2934
sunmanagers mailing list
Received on Fri Mar 20 08:25:24 2009

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:13 EST