IT dragons tamed since 2006 (with 760 solutions and growing)

[login]
[join]

your IP[54.221.93.187]




If you thought this solution was helpfull, please login and vote. Not a member? click here

ID762
TitleTCP Wrappers logging with expansions
Byjohn
Keywordstcpwrapper spawn echo
CategorySolaris
Votes1
Views64
Score74
Date2017-06-01
Body
Expansions, when used in conjunction with the spawn and twist directives, provide information about
the client, server, and processes involved. spawn — Launches a shell command as a child process. This directive can perform tasks like
createing special log files using the echo command. twist — Replaces the requested service with the specified command. This directive is often used to
set up traps for intruders (also called "honey pots"). It can also be used to send messages to
connecting clients. The twist directive must occur at the end of the rule line. Example, log denies
dracko01:/# cat /etc/hosts.deny ALL:ALL : spawn /bin/echo `/bin/date` from %a>>/var/log/deny.log
Example, send a message
dracko01:/# cat /etc/hosts.allow vsftpd : .example.com : twist /bin/echo "421 This domain has been black-listed. Access denied!"
The following is a list of supported expansions:
%a — Returns the client's IP address. %A — Returns the server's IP address. %c — Returns a variety of client information, such as the username and hostname, or the username
and IP address. %d — Returns the daemon process name. %h — Returns the client's hostname (or IP address, if the hostname is unavailable). %H — Returns the server's hostname (or IP address, if the hostname is unavailable). %n — Returns the client's hostname. If unavailable, unknown is printed. If the client's hostname
and host address do not match, paranoid is printed. %N — Returns the server's hostname. If unavailable, unknown is printed. If the server's hostname
and host address do not match, paranoid is printed. %p — Returns the daemon's process ID. %s —Returns various types of server information, such as the daemon process and the host or IP
address of the server. %u — Returns the client's username. If unavailable, unknown is printed.
SharediggDigg this solutiondel.icio.usPost to del.icio.usSlashdotSlashdot it!email to a friend
PrintPrint This Solution Print
If you thought this solution was helpfull, please login and vote. Not a member? click here

Users who voted on this solution:

john

Latest News

Thanks to Dave for hosting this site!

Registered User Area

[login]
[new user]


Paying the Rent



Advanced Search:

Choose body, keywords, title, or all to include in search 
words to include in search 
and(+)

Choose body, keywords, title, or all to include in search 
additional words to include in search 
not(-)

Choose body, keywords, title, or all to exclude in search 
words to exclude from search 


catagory
order by






diggDigg Dracko
del.icio.usPost to del.icio.us
SlashdotSlashdot us!




Don't forget to vote!
Powered by John Core
Bye!

Dracko by John Core

me

View John Core's profile on LinkedIn


Certifications
security logo saber ccsa logo ccna-logo hbss veritas

Technologies
oracle_logo
solaris_logo linux-logo openstack_logo vbox_logo splunk storagetek_logo sun_logo oraclevm_logo brocade_logo bsd_logo

Languages
c-logo bash-logo php-logo

Employers
PlanetPayment Medecision AWi PennStateHershey DISA DLA cim Sun

Consulting
KMBS PNC FBI CCS PTD Sentinel