Linux Telnet Daemon security setup problem with a Windows client

Linux Telnet Daemon security setup problem with a Windows client

Post by Steve » Mon, 12 Jun 2000 04:00:00



A funny little question for you all....

I have a little LAN set up at home: a Linux client (Mandrake 7.0), a
Win98 client and a linux box acting as a dial on demand, masquarading
router for the other two (redhat 6.2).

Everything appears to work fine on the ping side but I'm having problems
with telnet connections from the windows box to the router box and
security set via the /etc/hosts.allow file.

A few more details:

The local subnet is 192.168.1.0 - the linux router is 192.168.1.1, the
linux client is 192.168.1.10 and the windows box is 192.168.1.11 (all
masks are 255.255.255.0)

The linux router has an /etc/hosts file of:

127.0.0.1             localhost localhost.privatedomain
192.168.1.1           modemrouter.privatedomain modemrouter
192.168.1.10          linuxclient.privatedomain linuxclient
192.168.1.11          win.privatedomain win

It also runs as a caching nameserver.

The /etc/hosts.deny file on the router denies all, the /etc/hosts.allow
is:

in.telnetd:  LOCAL, .privatedomain
in.rshd: LOCAL, .privatedomain

Now. if I telent in from the linux clinet (192.168.1.10) then all is
fine. However, if I telnet in from the windows box, it gets connection
refused and the /var/log/secure log contains:

May 21 06:26:28 modemrouter in.telnetd[472]: warning: /etc/hosts.allow,
line 6: can't verify hostname: gethostbyname(win.privatedomain) failed
May 21 06:26:28 modemrouter in.telnetd[472]: refused connect from
192.168.1.11

Note: line 6 of hosts.allow is the above line for telnetd.

The win box is set up with the static IP of 192.168.1.11 (and can ping
nicely thankyou)
It uses dns, hostmane: win, domain privatedomain, dns server 192.168.1.1
It has a gateway set as 192.168.1.1

Any ideas more than welcome....

Cheers

Steve

Sent via Deja.com http://www.deja.com/
Before you buy.