RE: access logging for xinetd

Sorry about the confusion. After looking at what I wrote, I need to correct
myself anyway. Twist and spawn are options that you can use in
/etc/hosts.allow and /etc/hosts.deny. The spawn option can run a background
process that can be used to log connection attempts. Twist can echo a
message back to connecting clients. For example:

ALL : 192.168.0. : spawn /bin/echo/ `date` %c %d >> /var/log/connections.log

This would cause any connections from the 192.168.0.0/24 network to be
logged.

in.telnet.d : 192.168.0. : twist /bin/echo "Connection Refused"

This would echo a "Connection Refused" message back to users trying to
telnet to your machine from the 192.168.0.0/24 network.

Jay Berryman, RHCT, RHCE


This message and any attachments are intended only for the use of the
addressee and may contain information that is privileged and confidential.
If the reader of the message is not the intended recipient, or the
authorized agent of the intended recipient, you are hereby notified that any
dissemination of this communication is strictly prohibited. If you have
received this communication in error, please notify SITEL immediately by
telephone at 402.963.6001 and delete the message and any attachments from
your system. Thank you for your cooperation.




-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx]
On Behalf Of Bill Tangren
Sent: Friday, September 22, 2006 4:27 PM
To: General Red Hat Linux discussion list
Subject: Re: access logging for xinetd

Jay Berryman wrote:
----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx]
On Behalf Of Bill Tangren
Sent: Friday, September 22, 2006 4:07 PM
To: General Red Hat Linux discussion list
Subject: access logging for xinetd

Could someone point me in the direction of documentation that shows how to
do
access logging (logging of who is using the services and when) for xinetd
services?

Thanks!

Bill Tangren


If you just want to log the connection attempts, you can set a SENSOR trap
in the each of the xinetd services with a deny_time equal to zero. The
other thing you can do is to setup each service in /etc/hosts.allow or
/etc/hosts.deny and use the twist feature to log connection attempts.

twist feature?

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

Relevant Pages

  • RE: access logging for xinetd
    ... Subject: access logging for xinetd ... access logging for xinetd ... If the reader of the message is not the intended recipient, ... dissemination of this communication is strictly prohibited. ...
    (RedHat)
  • [Fwd: Xinetd 2.3.10 Memory Leaks]
    ... > Xinetd is a popular inetd replacement. ... > closed whenever a connection was rejected. ... > run via xinetd rejecting connections via tcp_wrappers. ... > handler is not invoked so the memory pointed to by cp is lost when the ...
    (FreeBSD-Security)
  • Re: ssh fails with xinetd
    ... I have a FreeBSD 6.2 system on which inetd was replaced with xinetd. ... spawned by inetd when there's a connection request. ... suffer serious abuse and unsuccessfully preserve the daemon. ...
    (comp.security.ssh)
  • Re: ssh fails with xinetd
    ... I have a FreeBSD 6.2 system on which inetd was replaced with xinetd. ... spawned by inetd when there's a connection request. ... service ssh ... suffer serious abuse and unsuccessfully preserve the daemon. ...
    (comp.security.ssh)
  • Re: Gateway load balance
    ... That way any internal flow can use any isp connection. ... I had a proxy server under Slackware on the LAN ... "This email is intended to be reviewed by only the intended recipient ... any review, use, dissemination, disclosure or copying of this email ...
    (freebsd-questions)