Hello freevsd people,

I am running freevsd 1.4.9-2 on RH7.1 and 1.4.7 on RH7. Both have the same
xinetd.conf and the same problem.

My xinetd.conf contains:
only_from 127.0.0.1/32
in the defaults section

This presumably limits the use of all services under xinetd to localhost,
correct? Well, it doesn't. What it does is quite interesting:

It allows all connections from any address as long as there is reverse DNS for
that address. If there is no reverse DNS, I get errors like this:

[xxxx@myotherserver xxxx]$ ftp ftp.virtual1.com
Connected to ftp.virtual1.com.
421 Service not available, remote server has closed connection
ftp> bye
[xxxx@myotherserver xxxx]$ telnet ftp.virtual1.com 25
Trying 209.132.234.xxx...
Connected to ftp.virtual1.com (209.132.234.xxx).
Escape character is '^]'.
Connection closed by foreign host.

If I remove the 'only_from' line from xinetd, it accepts connections from
unresolvable IPs.

Is there a security risk that I'm missing by removing that line?

------------------------- The freeVSD Support List --------------------------
Subscribe:   mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support
Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support
Archives:    http://freevsd.org/support/mail-archives/freevsd-support
-----------------------------------------------------------------------------