LISTSERV - HP3000-L Archives

HP3000-L Archives

January 2003, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L January 2003, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	AW: FTP Security via INETDSEC.NET.SYS
From:	KOIZAR Astrid <[log in to unmask]>
Reply To:	KOIZAR Astrid <[log in to unmask]>
Date:	Fri, 10 Jan 2003 17:26:42 +0100
Content-Type:	text/plain
Parts/Attachments:	text/plain (77 lines)

Greg is right, '\' (Backslash) works fine! 
So it was an error in the documentation.

> -----Ursprüngliche Nachricht-----
> Von:  Greg Skvorak [SMTP:[log in to unmask]]
> Gesendet am:  Freitag, 10. Jänner 2003 15:36
> An:   Astrid Koizar; [log in to unmask]
> Betreff:      Re:      FTP Security via INETDSEC.NET.SYS
> 
> Astrid,
> HP Configuring and Managing MPE/iX Services Manual states that the
> inetd.sec
> file (/var/adm/inetd.sec (link) INETDSEC.NET.SYS) works with a single line
> for allowing/denying a particular service and that a continuation line is
> made with a '/' as the last position of the line. This does not seem to
> work
> as
> advertised. My testing indicated that it is a backslash '\' as the final
> character on the line rather than a forward slash for the continuation
> character.
> 
> Greg Skvorak
> Beechglen Development, Inc.
> Cincinnati, Ohio
> ----- Original Message -----
> From: "Astrid Koizar" <[log in to unmask]>
> To: <[log in to unmask]>
> Sent: Friday, January 10, 2003 9:24 AM
> Subject: FTP Security via INETDSEC.NET.SYS
> 
> 
> Hi all!
> 
> We try to allow certain computers to connect to one of our HP3000 via FTP
> in the File INETDSEC.NET.SYS. As the list of IP-Adresses will exceed one
> line we tried to follow the editing tips (see below)
> 
> Internet Daemon
> inetd Security File
> Editing Tips
> 
> ...
> . To continue an entry on the next line, place a slash (/) at the end
> of the line to be continued. The Internet daemon will ignore a
> slash that appears in the middle of the line, continue reading to the
> end, and ignore the next line. In this case, it will probably
> misinterpret the entry and you will see an error message.
> 
> our file looks like
> 
> ftp deny *
> ftp allow x.x.x.x a.a.a.a ... /
> b.b.b.b c.c.c.c
> 
> ip-adresses in the first line (x.x.x.x and a.a.a.a) are allowed to
> connect,
> whereas ip-adresses in the second line are never allowed. i tried to put
> the slash in column 80 as well, checked with vi-editor if it was at the
> end
> of the line, whatever ...
> 
> after trying to connect from an adress in the second line the STDLIST of
> Job Jinetd shows
> 
> Received call for: ftp tcp
> /usr/adm/inetd.sec: allow/deny field does not have a valid entry for
> b.b.b.b  (b.b.b.b is the first adress in the continuation line).
> 
> any help highly appreciated!
> 
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
> 

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2

RAVEN.UTC.EDU