TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

More Security Questions...



Hello all,

I've been working to secure my system before my DSL line gets turned on, and
have really appreciated all the help everyone has given me!  As usual, I've
got more questions...

I've turned off almost everything that is being started out of inetd.

When you guys say you block other ports, do you simply comment out the
corresponding entry in /etc/services?  Or is there more to it than that?

From what I understand (no smart remarks...8p), tcp wrappers are used with
services like ftp, telnet, etc.  Can they be used with ssh?  How does that
relationship work?

In testing ssh, I noticed that there is no log entry (/var/adm/messages)
when I connect, but there is one when I disconnect.  But, even the
disconnect message doesn't tell me much - " sshd[222]: Remote host
disconnected: Connection closed."

Can I get ssh to log a "start of service" type of entry, and tell me
who/what/where, etc. is using it?

Thanks again for your help!!

Scott K. Johnson
skj@visi.com