DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD General

FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 30th August 2009
sniper007's Avatar
sniper007 sniper007 is offline
Real Name: Jurif
Fdisk Soldier
 
Join Date: Jun 2008
Location: Slovenia
Posts: 50
Default Connection refused by tcp_wrappers

Hi guys!

Last few days I have noticed a lot of this message:

Quote:
Aug 29 16:56:54 fbsd7 apcupsd[806]: Connection from 79.117.16.19 refused by tcp_wrappers.
Aug 29 16:56:54 fbsd7 apcupsd[806]: warning: /etc/hosts.allow, line 37: can't verify hostname: getaddrinfo(79-117-16-19.rdsnet.ro, AF_INET) failed
Aug 29 16:57:14 fbsd7 apcupsd[806]: Connection from 79.117.16.19 refused by tcp_wrappers.
Aug 29 18:56:32 fbsd7 apcupsd[806]: warning: /etc/hosts.allow, line 37: can't verify hostname: getaddrinfo(79-117-16-19.rdsnet.ro, AF_INET) failed
Aug 29 18:56:52 fbsd7 apcupsd[806]: Connection from 79.117.16.19 refused by tcp_wrappers.
Aug 29 18:56:52 fbsd7 apcupsd[806]: warning: /etc/hosts.allow, line 37: can't verify hostname: getaddrinfo(79-117-16-19.rdsnet.ro, AF_INET) failed
Aug 29 18:57:12 fbsd7 apcupsd[806]: Connection from 79.117.16.19 refused by tcp_wrappers.
Aug 29 20:56:31 fbsd7 apcupsd[806]: warning: /etc/hosts.allow, line 37: can't verify hostname: getaddrinfo(79-117-16-19.rdsnet.ro, AF_INET) failed

This is 37 line from hosts.allow

Quote:
ALL : PARANOID : RFC931 20 : deny

I'd like to know what has this to do with apcupsd ?
__________________
If anything can go wrong, it will. If it can't, it will anyway
Reply With Quote
  #2   (View Single Post)  
Old 30th August 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

You're checking for spoofed addresses.. a side effect is that improperly configured hosts get blocked as well.

Quote:
Originally Posted by /etc/hosts.allow
# Protect against simple DNS spoofing attacks by checking that the
# forward and reverse records for the remote host match. If a mismatch
# occurs, access is denied, and any positive ident response within
# 20 seconds is logged. No protection is afforded against DNS poisoning,
# IP spoofing or more complicated attacks. Hosts with no reverse DNS
# pass this rule.
ALL : PARANOID : RFC931 20 : deny
So for some reason this host, an IP address of someone you've posted on a public forum.. is being caught by this rule.

FreeBSD enables this by default for some bizarre reason.. configuring a firewall and removing these hosts.{allow,deny} files would be a better idea.

Also see hosts_access(5) section "DETECTING ADDRESS SPOOFING ATTACKS" for more information.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
DHCP Cable Connection Fail fmgil OpenBSD General 4 1st September 2009 05:18 PM
test port connection carpman FreeBSD Security 5 9th February 2009 11:12 AM
Racoon: restarting a particular VPN connection bram85 General software and network 0 21st January 2009 12:33 PM
dual ISP connection problems tpprodigy OpenBSD General 1 25th May 2008 11:34 PM
KDE app for easy Wireless connection coppermine FreeBSD Ports and Packages 4 17th May 2008 07:33 PM


All times are GMT. The time now is 06:00 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick