From: Paul Jakma (paul at domain clubi.ie)
Date: Mon 03 May 1999 - 23:51:24 IST
On Mon, 3 May 1999, Firestart wrote:
can someone tell me what im doing wrong here:
---hosts.deny---
ALL:ALL:\
banners /etc/banners/deny:\
spawn ( \
/bin/echo -e "\n\
TCP Wrappers\: Connection Refused\n\
By\: $(uname -n)\n\
Process\: %d (pid %p)\n\
\n\
User\: %u\n\
Host\: %c\n\
Date\: $(date)\n\
" | /bin/mail -s "$(uname -n) wrappers\: %d refused for %c" \
root at domain localhost ) &
---hosts.deny---
it dosent seem to work
does anyone have any better idea's for something to use?
this is from the man page, about how shell scripts are executed:
The result is executed by a /bin/sh child process with standard
input, output and error connected to /dev/null.
anyway, i don't think there's anyway to redirect a file descriptor,
(eg the output from your programme), to a socket. the banner
programme would specifically need to open a socket . there's also no
way for an exec'ed process to inherit a socket, so tcp_wrappers could
not pass the socket on the shell programme, so there's no opportunity
for a process to write a warning message to the original socket. if
the socket is still open, your programme doesn't have a handle to it,
and if the socket is closed... it's too late.
something that would be cool is to automatically run a winnuke,
teardrop, land, etc.. against anybody who tries to connect to any
important ports... (evil grin)
-- Paul Jakma paul at domain clubi.ie http://hibernia.clubi.ie PGP5 key: http://www.clubi.ie/jakma/publickey.txt ------------------------------------------- Fortune: If a subordinate asks you a pertinent question, look at him as if he had lost his senses. When he looks down, paraphrase the question back at him.
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:04:10 GMT