From owner-FreeBSD-users-jp@jp.freebsd.org  Thu Apr  5 11:02:29 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id LAA66575;
	Thu, 5 Apr 2001 11:02:29 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from mocha.rite.or.jp (mocha.rite.or.jp [202.241.115.138])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id LAA66569
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 5 Apr 2001 11:02:29 +0900 (JST)
	(envelope-from tetuya@rite.or.jp)
Received: from rite.rite.or.jp (rite [192.168.1.3])
	by mocha.rite.or.jp (8.9.3+Sun/3.7W-rite_mail_gate) with ESMTP id LAA04706
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 5 Apr 2001 11:02:24 +0900 (JST)
Received: from zenon.rite.or.jp (zenon.rite.or.jp [192.168.4.251])
	by rite.rite.or.jp (8.9.3+Sun/3.7W) with ESMTP id LAA10569
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 5 Apr 2001 11:02:25 +0900 (JST)
Received: from TETUYA.rite.or.jp (tetuya.rite.or.jp [192.168.2.246])
	by zenon.rite.or.jp (8.9.3+3.2W/3.7W-zenon_mail_gate) with ESMTP id LAA01659
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 5 Apr 2001 11:02:27 +0900 (JST)
Message-Id: <4.3.2-J.20010405104908.0303eac0@zenon.rite.or.jp>
X-Sender: tetuya@rite.or.jp (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2-J
Date: Thu, 05 Apr 2001 11:03:02 +0900
To: FreeBSD-users-jp@jp.freebsd.org
From: Tetuya Saito <tetuya@rite.or.jp>
In-Reply-To: <200104050107.f3517qk58157@techno.sci.co.jp>
References: <Your message of "Thu, 05 Apr 2001 09:41:45 +0900".<4.3.2-J.20010405091910.03b4f008@zenon.rite.or.jp>
 <4.3.2-J.20010404193833.00bd4ca0@zenon.rite.or.jp>
 <4.3.2-J.20010404193833.00bd4ca0@zenon.rite.or.jp>
 <4.3.2-J.20010405091910.03b4f008@zenon.rite.or.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"; format=flowed
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 60581
Subject: [FreeBSD-users-jp 60581] Re: TCP_WRAPPER
 =?ISO-2022-JP?B?GyRCJEskRCQkJEYbKEI=?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: tetuya@rite.or.jp

$B@FF#!w#R#I#T#E$G$9(B

$B$h$7$`$i(B@$B%7%9%F%`%3%"MM!"(Bakiba$BMM!"$4=u8@$"$j$,$H$&$4$6$$$^$9(B

At 10:07 01/04/05 +0900,$B$h$7$`$i(B@$B%7%9%F%`%3%"MM(B wrote:
>$B$h$7$`$i(B@$B%7%9%F%`%3%"$G$9!#(B
>
> >$B$=$3$G!";n9T:x8m$7!"(Bhosts.allow$B$N@_Dj$r2<5-$N$h$&$KJQ99$7$F$_$^$7$?$H(B
> >sshd : localhost 127.0.0.1 192.168.2.246 : allow
> >
> >$B$3$N>uBV$G(Btcpdchk$B$r<B9T$9$k$H!"2<5-$N$h$&$K(Bwarning$B$NFbMF$,JQ99$5$l$^$9!#(B
> >warning: /etc/hosts.allow, line 27: sshd: service possibly not wrapped
> >$B$3$l$O!"(Bhosts.allow$B$NFbMF$K$O!"(Bsshd$B$H$7$F!"(BACL$B$r=q$+$J$$$H$$$1$J$$$H$$$&$3$H(B
> >$B$J$N$G$7$g$&$+!)(B
> >
> >$B$=$&$9$k$H!"(Binetd.conf$B$b(Bhosts.allow$B$b2<5-$N$h$&$J@_Dj$KJQ99$7$J$$$HF~$l$J$$$N(B
> >$B$G$7$g$&$+!)(B
> >($BEvA3!"(Bservices$B$bJQ99$7$?$b$N$H$7$F(B)
> >sshd    stream  tcp     nowait  root    /usr/libexec/sshd 
> /usr/sbin/sshd -i
>
>hosts.(allow|deny)$B%U%!%$%k$N(Bdaemon_list$B$O%W%m%0%i%`L>$G$9!#(B
>inetd.conf$B$N%W%m%0%i%`L>$O!"(B
> >sshd    stream  tcp     nowait  root    /usr/libexec/sshd 
> /usr/sbin/sshd -i
>                                                       ^^^^
>$B$3$l$G$9!#(B
>
>$BJ,$+$j$d$9$/=q$/$H(B/etc/inetd.conf$B$,(B
>pop3    stream  tcp     nowait  root    /usr/local/libexec/popper3 popper3 -s
>$B$J$i!"(B/etc/hosts.allow$B$O(B
>popper3 : ALL : allow
>$B$H=q$-$^$9!#(B

$B$J$k$[$I!"$=$&$$$&$3$H$@$C$?$N$G$9$M!"KM$O!"$F$C$-$j!"(Bhosts.allow$B$KDj5A$9$k(B 
ACL$B$O%G!<%b%sL>(B
$B$G$O$J$/%5!<%S%9L>$@$H;W$$$3$s$G$$$^$7$?!#(B
$B$^$?!"0l$DJY6/$5$;$F$$$?$@$-$^$7$?!#(B
$B$"$j$,$H$&$4$6$$$^$7$?!#(B

>$B$"$H$O(Btcp_wrapper$B;H$C$F$$$k$+$I$&$+$OJL$K$7$F!"(Bldd /usr/sbin/sshd
>$B$d$l$P!"0MB8$5$l$F$$$k$+$I$&$+$OJ,$+$k$H;W$$$^$9!#(B
ldd /usr/sbin/sshd$B$r<B9T$7$F$_$^$7$?!#(B
$B7k2L$O0J2<$NDL$j$G$7$?!#(B
/usr/sbin/sshd:
         libopie.so.2 => /usr/lib/libopie.so.2 (0x28091000)
         libmd.so.2 => /usr/lib/libmd.so.2 (0x2809a000)
         libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x280a4000)
         libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x280b9000)
         libutil.so.3 => /usr/lib/libutil.so.3 (0x28175000)
         libz.so.2 => /usr/lib/libz.so.2 (0x2817e000)
         libwrap.so.3 => /usr/lib/libwrap.so.3 (0x2818b000)
         libpam.so.1 => /usr/lib/libpam.so.1 (0x28193000)
         libc.so.4 => /usr/lib/libc.so.4 (0x2819c000)

$B$3$l$r(Bmil$B$H(Blibwrap.so.3$B$r;HMQ$7$F$$$k$h$&$J$N$G!"(BTCP_WRAPPER$B$,AH$_9~$^$l$F(B 
$B$$$k$h$&$K;W$&$N$G$9$,(B
$B$I$&$7$F!"(Btcpdchk$B$r<B9T$9$k$H!"(Bwarning: /etc/hosts.allow, line 27: sshd: 
service possibly not wrapped$B$N(B
warning$B$,$G$k$N$G$7$g$&$+!)(B

At 10:20 01/04/05 +0900, akiba$BMM(B wrote:
>$B=)>l$H?=$7$^$9!#(B
>$B$3$l$J$s$G$9$1$I$b!"(B/usr/libexec/sshd$B$C$FK\Ev$K$"$j$^$9$+(B?
>sshd    stream  tcp  nowait  root   /usr/sbin/sshd     sshd -i
>$B$N4V0c$$$G$O$"$j$^$;$s$+(B?

/usr/libexec/ssd$B$O%j%s%/$G<BBN$O(B/usr/sbin/sshd$B$G$9(B
$B$J$<!"$3$N$h$&$J%j%s%/$r:n$C$?$+$H$$$&$H!"(Binetd.conf$B$NB>$N@_Dj$K$"$o$;$k$?$a$K(B
$B:n$C$?$N$G$9$,!"$^$:$+$C$?$G$7$g$&$+!)(B


$B%"%I%P%$%9$h$m$7$/$*4j$$$7$^$9!#(B

***************************************************************
*
* $B:bCDK!?M(B $BCO5e4D6-;:6H5;=Q8&5f5!9=(B
* $B8&5f4k2hIt(B $B8&5f;Y1g2](B
* $B@FF#!!E/Li!!(B
*
* e-mail$B!'(Btetuya@rite.or.jp
* $B=;(B  $B=j!'(B $B")(B619-0292 $B5~ETI\Aj3Z74LZDED.LZDE@nBf#9!]#2(B
* $BEE(B  $BOC!'(B $B#0#7#7#4!]#7#5!]#2#3#0#3(B
* $B#F#A#X!'(B $B#0#7#7#4!]#7#5!]#2#3#1#6(B
* PGP Finger Print 39E8 238C F4DB 7B94 83D3  0831 E1F9 3089 FC97 BD54
****************************************************************

