Board index Solaris

rpc.ttdbservers through tcpd fails

rpc.ttdbservers through tcpd fails

Post by Matus.Uh.. » Fri, 17 Dec 1999 04:00:00



Hello,
when I had rpc.ttdbserverd run through tcp wrapper (tcpd) it failed

Dec 16 12:00:30 svfsun inetd[130]: 100083[29809] from 147.232.23.6 32907
Dec 16 12:00:30 svfsun rpc.ttdbserverd[29809]: refused connect from unknown
Dec 16 12:00:36 svfsun rpc.ttdbserverd[29810]: warning: can't get client address : Transport endpoint is not connected
Dec 16 12:00:36 svfsun inetd[130]: 100083[29810] from 147.232.23.6 32907
Dec 16 12:00:36 svfsun rpc.ttdbserverd[29810]: refused connect from unknown
Dec 16 12:00:42 svfsun rpc.ttdbserverd[29811]: warning: can't get client address : Transport endpoint is not connected

etc etc
what's wrong here, is it impossible to run ttdbserverd through inetd ?
--
 Matus "fantomas" Uhlar, network manager at faculty of civil engineering
 of Technical University in Kosice, Slovakia

 
 
 
Top

rpc.ttdbservers through tcpd fails

Post by Casper H.S. Dik - Network Security Engine » Fri, 17 Dec 1999 04:00:00


[[ PLEASE DON'T SEND ME EMAIL COPIES OF POSTINGS ]]


>Hello,
>when I had rpc.ttdbserverd run through tcp wrapper (tcpd) it failed
>Dec 16 12:00:30 svfsun inetd[130]: 100083[29809] from 147.232.23.6 32907
>Dec 16 12:00:30 svfsun rpc.ttdbserverd[29809]: refused connect from unknown
>Dec 16 12:00:36 svfsun rpc.ttdbserverd[29810]: warning: can't get client address : Transport endpoint is not connected
>Dec 16 12:00:36 svfsun inetd[130]: 100083[29810] from 147.232.23.6 32907
>Dec 16 12:00:36 svfsun rpc.ttdbserverd[29810]: refused connect from unknown
>Dec 16 12:00:42 svfsun rpc.ttdbserverd[29811]: warning: can't get client address : Transport endpoint is not connected

I think tcpd may have trouble with "wait" style TLI connections;
the address logged by inetd will be random; it is just the last address logged
for a "nowait" service.

I don't think there's a TLI way or even a Socket way to "peek" at the
address that is connecting without doing a destructive "accept".

Once one connection has been let in, rpc.ttdbserverd will do all the
"accept"s itself.

You cannot "tcp wrap" "wait" connection oriented daemons.  I'll file
a bug on the misleading inetd log messages.

Casper
--
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.

 
 
 
Top

1. CDE & RPC & rpc.ttdbserver

Let's say I want to use CDE.  Let's say I don't want rpc.ttdbserverd
and rpcbind sitting on machine and doing nothing (other then waiting
for somebody to find out yet another buffer overflow).

How to do this?

In past it was possible to use CDE without ttdbserver (and RPC), but
it seems Sun has changed something...  Any workarounds or something?

--

Opinions expressed herein are my own.
Statements included here may be fiction rather than truth.

2. Apache: redirecting between two hosts

3. Security Vulnerability in rpc.ttdbserver (rev. 1)

4. NCSU LUG Linux Expo

5. core from rpc.ttdbserver

6. xemacs 20.4 configure make fails on AIX 4.3.0.0

7. Security Vulnerability in rpc.ttdbserver

8. help with dsniff

9. Can I switch of rpc.ttdbserver?

10. rpc.ttdbserver

11. SSRT2274 Potential Sec. Vulnerability in rpc.ttdbserver (rev.5)

12. Security Vulnerability in rpc.ttdbserver (rev.3)


All times are UTC
Board index