Telnet & FTP - host name/name mismatch

Telnet & FTP - host name/name mismatch

Post by James R. Sheridan-Pete » Thu, 27 Jun 1996 04:00:00



I've got access to a site that is behind a firewall and that seems to
be incorrectly configured.  When I try to telnet or ftp from that site
to my site I get refused and the following log entry gets written :

syslog:Jun  3 14:49:54 exodus wu.ftpd[186]: warning: host name/name
mismatch: unknown.sitename.int != sitename1.sitename.int

Anyone know what I can do from MY end to get around this?  I'll have
no luck in getting the sysadmin to change the setup on the other end.
Can I tell my system to accept sites that don't match?  Should I?  Can
I do it on a per site basis?  Thanks!

James
______________________________________________________________________


 
 
 

Telnet & FTP - host name/name mismatch

Post by Leslie M. Barstow I » Fri, 28 Jun 1996 04:00:00



: I've got access to a site that is behind a firewall and that seems to
; be incorrectly configured.  When I try to telnet or ftp from that site
: to my site I get refused and the following log entry gets written :

: syslog:Jun  3 14:49:54 exodus wu.ftpd[186]: warning: host name/name
; mismatch: unknown.sitename.int != sitename1.sitename.int

; Anyone know what I can do from MY end to get around this?  I'll have
: no luck in getting the sysadmin to change the setup on the other end.
; Can I tell my system to accept sites that don't match?  Should I?  Can
: I do it on a per site basis?  Thanks!

This is a mesage from TCP Wrappers.  TCP Wrappers verifies that the IP
address and hostname map to each other in DNS (this prevents spoofing for
programs like the r* commands, which base priviledge on your hostname).

It is not *good* to remove this, but it is possible (machines ran for
years before Wietse wrote this, but that was then, this is the age of IP
spoofing).  Edit /etc/inetd.conf and remove the /usr/sbin/tcpd portion of
the ftp and telnet entries.

--
Leslie M. Barstow III             | "How may I be honest with you today"

Faerealm: the future of PBM *| Do not reply to FastCash or MakeMoneyFast
PGP key available upon request    | schemes on the net.  They are scams!

 
 
 

1. tcp_wrappers and host name/name mismatch problems

I had this problem before, but I think I had entries in DNS for the hosts in
question.

I have no entries anymore, and I am still having problems.

I telnet to 'peak.org' (all real hostnames).  The actual host I log into is
'kira.peak.org'  Then I try to rlogin/telnet back to my machine and get

Jan 20 12:30:35 rlogind[25306]: warning: host name/name mismatch: peak.org !=
kira.peak.org
Jan 20 12:30:35 rlogind[25306]: refused connect from 198.68.22.17

Jan 20 12:30:45 telnetd[25307]: warning: host name/name mismatch: peak.org !=
kira.peak.org
Jan 20 12:30:45 telnetd[25307]: refused connect from 198.68.22.17

% nslookup kira.peak.org
Non-authoritative answer:
Name:    PEAK.ORG
Address:  198.68.22.17
Aliases:  kira.peak.org

% nslookup peak.org
Non-authoritative answer:
Name:    peak.org
Address:  198.68.22.17

Other than removing the -DPARANOID, what can I do?

TjL

--
My FROM address is fake.  Too much spam.  
I will check for followups.
If you want to email me, remove the spaces and use this address:

2. cl?turer compte

3. host name/name mismatch

4. endian problem

5. tcp_wrappers - host name/name mismatch - why?

6. X CD Roast Question

7. Host name, primary name, domain name...?

8. Help With Setting Up X with a Voodoo3 3000....TIA

9. Server Domain name & Host name

10. nslookup works; telnet/ftp require IP #'s (can't process host names)

11. Host name/address mismatch

12. URGENT: strange host name mismatch

13. warning: host name/address mismatch: