sshd[16983]: warning: /etc/hosts.allow, line 23: host name/name mismatch: reverse lookup results in non-FQDN 19
and here is line 23:
ALL : ALL : allow
what could it have disliked about it?
>sshd[16983]: warning: /etc/hosts.allow, line 23: host name/name mismatch: reverse lookup results in
>non-FQDN 19
> and here is line 23:
>ALL : ALL : allow
>
>what could it have disliked about it?
# Protect against simple DNS spoofing attacks by checking that the
# forward and reverse records for the remote host match. If a mismatch
# occurs, access is denied, and any positive ident response within
# 20 seconds is logged. No protection is afforded against DNS poisoning,
# IP spoofing or more complicated attacks. Hosts with no reverse DNS
# pass this rule.
ALL : PARANOID : RFC931 20 : deny
># Protect against simple DNS spoofing attacks by checking that the
># forward and reverse records for the remote host match. If a mismatch
># occurs, access is denied, and any positive ident response within
># 20 seconds is logged. No protection is afforded against DNS poisoning,
># IP spoofing or more complicated attacks. Hosts with no reverse DNS
># pass this rule.
>ALL : PARANOID : RFC931 20 : deny

how do I fix this properly?
>># Protect against simple DNS spoofing attacks by checking that the
>># forward and reverse records for the remote host match. If a mismatch
>># occurs, access is denied, and any positive ident response within
>># 20 seconds is logged. No protection is afforded against DNS poisoning,
>># IP spoofing or more complicated attacks. Hosts with no reverse DNS
>># pass this rule.
>>ALL : PARANOID : RFC931 20 : deny
>
>how do I fix this properly?
You can comment out ALL : PARANOID : RFC931 20 : deny
but keep in mind what is written above..
ALL : PARANOID : RFC931 20 : deny was killing connections coming from hosts with no reverse zone or with an incorrectly configured reverse zone (the ones going to INETD)
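
Added example, not part of any post in this thread and not tcp_wrappers' own code: a Python model of the forward/reverse check that the hosts.allow comment quoted above describes, useful for testing how a given client address would be classified before enabling or commenting out the PARANOID rule. The function names and the sample zone data are hypothetical; the "no reverse DNS passes" outcome follows the quoted comment.

```python
import ipaddress
import socket

def dns_reverse(addr):
    """PTR lookup via the system resolver; None when no reverse record exists."""
    try:
        return socket.gethostbyaddr(addr)[0]
    except OSError:
        return None

def dns_forward(name):
    """Forward lookup via the system resolver; empty list on failure."""
    try:
        return [ai[4][0] for ai in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def same_address(a, b):
    """Compare two textual addresses after normalising them."""
    try:
        return ipaddress.ip_address(a) == ipaddress.ip_address(b)
    except ValueError:
        return False

def classify(addr, reverse=dns_reverse, forward=dns_forward):
    """Return 'no-reverse', 'match' or 'mismatch' for a client address."""
    name = reverse(addr)
    if not name:
        return "no-reverse"   # per the quoted comment, such hosts pass the rule
    if any(same_address(addr, a) for a in forward(name)):
        return "match"        # the name's forward records include the client address
    return "mismatch"         # the case the PARANOID rule is meant to deny

def decide(addr, reverse=dns_reverse, forward=dns_forward):
    """Rule order from the thread: the PARANOID deny line, then ALL : ALL : allow."""
    return "deny" if classify(addr, reverse, forward) == "mismatch" else "allow"

# Constructed sample zone data (documentation address ranges), so this runs offline.
SAMPLE_PTR = {"192.0.2.10": "www.example.org", "192.0.2.66": "mail.example.org"}
SAMPLE_A = {"www.example.org": ["192.0.2.10"], "mail.example.org": ["198.51.100.5"]}

def sample_reverse(addr):
    return SAMPLE_PTR.get(addr)

def sample_forward(name):
    return SAMPLE_A.get(name, [])

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.66", "203.0.113.7"):
        print(ip, classify(ip, sample_reverse, sample_forward),
              decide(ip, sample_reverse, sample_forward))
```

Calling `classify("<client address>")` without the sample resolvers uses the system resolver, so it shows what the wrapped host itself would see for that client.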