To configure logging in Multinet, execute
$ multinet config/server
Logging for each service is enabled separately; services may share a common logfile or have individual ones. Logging of rejected attempts and successful attempts may be enabled separately. Services may be restricted by subnet or by host. A typical editing session is as follows:
$ multinet config/server
SERVER-CONFIG> select netstat
set log-file multinet:netstat.log
set log-rejects true
SET REJECT-BY-DEFAULT true
set REJECT-MESSAGE "You are not authorized to do this."
SET ACCEPT-NETS 142.90.0.0
select systat
set log-file multinet:netstat.log
set log-rejects true
SET REJECT-BY-DEFAULT true
set REJECT-MESSAGE "You are not authorized to do this."
SET ACCEPT-NETS 142.90.0.0
select telnet
set log-file multinet:telnet.log
set log-rejects true
set log-accepts true
disable chargen
select RPCPORTMAP
SET REJECT-BY-DEFAULT true
set log-file multinet:rpc.log
SET ACCEPT-NETS 142.90.0.0 127.0.0.1
show/full netstat
restart
exit
NETSTAT, SYSTAT and FINGER give out system information and lists of
other machines at TRIUMF.
CHARGEN is a character generator and generates a continuous stream of
data. There have been reports of people using it to set up web pages
which will crash browsing machines.
RSHELL, REXEC, RLOGIN allow remote login, potentially without a password,
and remote execution of programs.
RPC* services allow remote procedure calls, and are used by NFS mount and
many data acquisition and controls programs. One might consider
restricting these to authorized subnets. 127.0.0.1 (localhost) seems to
be required by e.g. the CAMP server.
SMTP is an Internet mail server. These have been used to relay junk mail.
POP* are mail retrieval servers for PCs.
PCNFSD is an NFS-like server for PCs.
NNTP is Usenet News.
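The following Python sketch is an added example, not part of the original page or of MultiNet. It replays a SERVER-CONFIG command script of the form shown above and lists, for the services described above as giving out system information or allowing remote access, which ones the script leaves unrestricted or without reject logging. It assumes the prompts have been stripped from the input, and it judges only what the script sets, not MultiNet's defaults; the function names and the SENSITIVE list are this example's own.

```python
import shlex
# Services the page flags as leaking information or allowing remote access.
SENSITIVE = "NETSTAT SYSTAT FINGER CHARGEN RSHELL REXEC RLOGIN RPCPORTMAP".split()

# Constructed input: the page's session, minus log-file/REJECT-MESSAGE lines and TELNET.
SESSION = """\
select netstat
set log-rejects true
SET REJECT-BY-DEFAULT true
SET ACCEPT-NETS 142.90.0.0
select systat
set log-rejects true
SET REJECT-BY-DEFAULT true
SET ACCEPT-NETS 142.90.0.0
disable chargen
select RPCPORTMAP
SET REJECT-BY-DEFAULT true
set log-file multinet:rpc.log
SET ACCEPT-NETS 142.90.0.0 127.0.0.1
"""

def parse(script):
    """Replay select/set/disable commands into {SERVICE: {PARAM: value}}."""
    state, current = {}, None
    for words in filter(None, map(shlex.split, script.splitlines())):
        verb = words[0].lower()
        if verb == "select":
            current = words[1].upper()
            state.setdefault(current, {})
        elif verb == "disable":
            state.setdefault(words[1].upper(), {})["DISABLED"] = "true"
        elif verb == "set" and current:
            state[current][words[1].upper()] = " ".join(words[2:])
    return state

def audit(script):
    """Gaps per sensitive service, judged only on what the script itself sets."""
    state, report = parse(script), {}
    for svc in SENSITIVE:
        cfg, gaps = state.get(svc), []
        if cfg is None:
            gaps.append("not touched by this script")
        elif cfg.get("DISABLED") != "true":
            if not (cfg.get("REJECT-BY-DEFAULT") == "true" and cfg.get("ACCEPT-NETS")):
                gaps.append("no reject-by-default with accept-nets")
            if cfg.get("LOG-REJECTS") != "true":
                gaps.append("log-rejects not set")
        report[svc] = gaps
    return report
```

Calling audit(SESSION) reports RPCPORTMAP as restricted but with log-rejects not set, and FINGER, RSHELL, REXEC and RLOGIN as not touched by the session.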
A.Daviel