tcp_wrappers, sshd, strange behavior with hosts.deny - SGI
-
tcp_wrappers, sshd, strange behavior with hosts.deny
Hi,
I recently set up an SGI O2 as an apache server with sshd running. I
quickly noticed that several foreign addresses were executing a
"dictionary" type attack on my box. A little bit of research showed
that I needed to compile tcp_wrappers, and recompile openssh with
tcp_wrappers support. So I did that and it kind of works, but I can't
seem to pass a basic test. In hosts.deny you should be able to add
ALL: 127.0.0.1 and then when you try to ssh localhost from your
localhost you should get rejected. Unfortunately I can't get that to
work - I can login no problem. But I know that sshd is checking
/etc/hosts.deny because if I put ALL: 0.0.0.0 in my /etc/hosts.deny
then I get an "ssh_exchange_identification: Connection refused by
remote host" message which is what I expected to happen with the
127.0.0.1 entry.
Further, when I ssh into my box from another machine and look in
/var/adm/SYSLOG I see an entry like the following:
ryan sshd[1107]: Server listening on 0.0.0.0 port 22
ryan sshd[1107]: Generating RSA key
ryan sshd[1107]: RSA key generation complete
ryan sshd[1115]: Accepted password for from 0.0.0.0 port 60522 ssh2
ryan sshd[1115]: could not reverse map address 0.0.0.0
The last two entries seem pretty strange...why is the external
computer's address 0.0.0.0? Why is the sshd server listening on 0.0.0.0
instead of 127.0.0.1?
Any help would be much appreciated!
Thanks,
Chris
-
Re: tcp_wrappers, sshd, strange behavior with hosts.deny
In article <1164412092.253833.244560@14g2000cws.googlegroups.com>,
"cpadwick" wrote:
: Hi,
:
: I recently set up an SGI O2 as an apache server with sshd running. I
: quickly noticed that several foreign addresses were executing a
: "dictionary" type attack on my box. A little bit of research showed
: that I needed to compile tcp_wrappers, and recompile openssh with
: tcp_wrappers support. So I did that and it kind of works, but I can't
: seem to pass a basic test. In hosts.deny you should be able to add
: ALL: 127.0.0.1 and then when you try to ssh localhost from your
: localhost you should get rejected. Unfortunately I can't get that to
: work - I can login no problem. But I know that sshd is checking
: /etc/hosts.deny because if I put ALL: 0.0.0.0 in my /etc/hosts.deny
: then I get an "ssh_exchange_identification: Connection refused by
: remote host" message which is what I expected to happen with the
: 127.0.0.1 entry.
:
: Further, when I ssh into my box from another machine and look in
: /var/adm/SYSLOG I see an entry like the following:
:
: ryan sshd[1107]: Server listening on 0.0.0.0 port 22
: ryan sshd[1107]: Generating RSA key
: ryan sshd[1107]: RSA key generation complete
: ryan sshd[1115]: Accepted password for from 0.0.0.0 port 60522 ssh2
: ryan sshd[1115]: could not reverse map address 0.0.0.0
:
: The last two entries seem pretty strange...why is the external
: computer's address 0.0.0.0? Why is the sshd server listening on 0.0.0.0
: instead of 127.0.0.1?
:
: Any help would be much appreciated!
You're probably compiling with GCC and running into one of the IRIX-specific
bugs. When you use GCC, it passes some types of parameters to subroutines
slightly differently than the mipspro compilers, which doesn't really affect
much except for inet_ntoa and related functions.
The solution is to compile with mipspro, basically.
Cheers - Tony 'Nicoya' Mantler 
--
Tony 'Nicoya' Mantler - Master of Code-fu
-- nicoya@ubb.ca -- http://www.ubb.ca/ --
-
Re: tcp_wrappers, sshd, strange behavior with hosts.deny
Tony 'Nicoya' Mantler wrote:
> In article <1164412092.253833.244560@14g2000cws.googlegroups.com>,
> "cpadwick" wrote:
>
> : Hi,
> :
> : I recently set up an SGI O2 as an apache server with sshd running. I
> : quickly noticed that several foreign addresses were executing a
> : "dictionary" type attack on my box. A little bit of research showed
> : that I needed to compile tcp_wrappers, and recompile openssh with
> : tcp_wrappers support. So I did that and it kind of works, but I can't
> : seem to pass a basic test. In hosts.deny you should be able to add
> : ALL: 127.0.0.1 and then when you try to ssh localhost from your
> : localhost you should get rejected. Unfortunately I can't get that to
> : work - I can login no problem. But I know that sshd is checking
> : /etc/hosts.deny because if I put ALL: 0.0.0.0 in my /etc/hosts.deny
> : then I get an "ssh_exchange_identification: Connection refused by
> : remote host" message which is what I expected to happen with the
> : 127.0.0.1 entry.
> :
> : Further, when I ssh into my box from another machine and look in
> : /var/adm/SYSLOG I see an entry like the following:
> :
> : ryan sshd[1107]: Server listening on 0.0.0.0 port 22
> : ryan sshd[1107]: Generating RSA key
> : ryan sshd[1107]: RSA key generation complete
> : ryan sshd[1115]: Accepted password for from 0.0.0.0 port 60522 ssh2
> : ryan sshd[1115]: could not reverse map address 0.0.0.0
> :
> : The last two entries seem pretty strange...why is the external
> : computer's address 0.0.0.0? Why is the sshd server listening on 0.0.0.0
> : instead of 127.0.0.1?
> :
> : Any help would be much appreciated!
>
> You're probably compiling with GCC and running into one of the IRIX-specific
> bugs. When you use GCC, it passes some types of parameters to subroutines
> slightly differently than the mipspro compilers, which doesn't really affect
> much except for inet_ntoa and related functions.
>
> The solution is to compile with mipspro, basically.
>
>
> Cheers - Tony 'Nicoya' Mantler 
>
> --
> Tony 'Nicoya' Mantler - Master of Code-fu
> -- nicoya@ubb.ca -- http://www.ubb.ca/ --
Hi Tony,
Yes that was the problem! I recompiled using the IRIX compilers and
voilà, everything works now.
Regards,
Chris
-
Re: tcp_wrappers, sshd, strange behavior with hosts.deny
Tony 'Nicoya' Mantler wrote:
: The solution is to compile with mipspro, basically.
Or you can use a quick and dirty workaround:
---------------------------------------------------------------------------
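#ifdef GCC_SGI_BUG
#include <stdio.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <arpa/inet.h>   /* declare the real inet_ntoa before it is renamed below */
/*
 * inet_ntoa:
 * with gcc compiled from sources (up to gcc 2.95.2) returns always
 * 255.255.255.255 on SGI/IRIX
 *
 * this is a simple workaround
 */
static char *my_inet_ntoa(struct in_addr in);
static char *my_inet_ntoa(struct in_addr in)
{
    /* static result buffer, as with inet_ntoa: overwritten by every call */
    static char s[512];
    unsigned long add;

    /* s_addr is in network byte order; convert to host order before shifting */
    add = ntohl(in.s_addr);
    /* %lu matches the unsigned long arguments */
    sprintf(s, "%lu.%lu.%lu.%lu",
        (add & 0xff000000UL) >> 24,
        (add & 0x00ff0000UL) >> 16,
        (add & 0x0000ff00UL) >> 8,
        (add & 0x000000ffUL)
    );
    return s;
}
#define inet_ntoa my_inet_ntoa
#endif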
---------------------------------------------------------------------------
: Cheers - Tony 'Nicoya' Mantler 
: --
: Tony 'Nicoya' Mantler - Master of Code-fu
: -- nicoya@ubb.ca -- http://www.ubb.ca/ --
--
PGP and other useless info at \
http://webdiis.unizar.es/~spd/ \
finger://daphne.cps.unizar.es/spd \ Timeo Danaos et dona ferentes
ftp://ivo.cps.unizar.es/pub/ \ (Virgilio)
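
A build check for the fault diagnosed in this thread, added here as an example and not code from any of the posters: it compares libc's inet_ntoa() with a byte-wise formatting of the same address, so a build in which every peer is reported as one constant address (the symptom that made the hosts.deny rules match the wrong string) is caught before the daemon is put in service. The function names and sample addresses are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Format an address from its raw bytes. s_addr is stored in network byte
 * order, so reading it byte by byte is endian-independent, and no struct
 * is passed by value to libc. */
static void quad_from_bytes(const struct in_addr *in, char *out, size_t len)
{
    const unsigned char *b = (const unsigned char *)&in->s_addr;
    snprintf(out, len, "%u.%u.%u.%u", b[0], b[1], b[2], b[3]);
}

/* Returns how many of the constructed sample addresses libc's inet_ntoa()
 * renders differently from the byte-wise formatting. 0 means the build
 * reports addresses correctly. */
static int count_inet_ntoa_mismatches(void)
{
    /* Constructed sample addresses, written in host byte order. */
    static const unsigned long samples[] = {
        0x7f000001UL, 0xc0a8010aUL, 0x0a000001UL, 0xcb007107UL
    };
    int i, bad = 0;

    for (i = 0; i < 4; i++) {
        struct in_addr in;
        char expect[16];
        const char *got;

        in.s_addr = htonl(samples[i]);
        quad_from_bytes(&in, expect, sizeof expect);
        got = inet_ntoa(in);   /* the call affected by the compiler mismatch */
        if (strcmp(got, expect) != 0) {
            fprintf(stderr, "MISMATCH: inet_ntoa=%s expected=%s\n", got, expect);
            bad++;
        }
    }
    return bad;
}

int main(void)
{
    int bad = count_inet_ntoa_mismatches();
    printf("%d mismatches\n", bad);
    return bad ? 1 : 0;
}
```

Build it with the same compiler and flags as sshd and tcp_wrappers; a non-zero exit status means address-based access rules and log entries from that build cannot be trusted.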