To configure logging in Multinet, execute
$ multinet config/server
Logging for each service is enabled separately; services may share a common logfile or have individual ones. Logging of rejected attempts and successful attempts may be enabled separately. Service may be restricted by subnet or by host. A typical editing session is as follows:
$ multinet config/server
SERVER-CONFIG> select netstat
set log-file multinet:netstat.log
set log-rejects true
SET REJECT-BY-DEFAULT true
set REJECT-MESSAGE "You are not authorized to do this."
SET ACCEPT-NETS 18.104.22.168
select systat
set log-file multinet:netstat.log
set log-rejects true
SET REJECT-BY-DEFAULT true
set REJECT-MESSAGE "You are not authorized to do this."
SET ACCEPT-NETS 22.214.171.124
select telnet
set log-file multinet:telnet.log
set log-rejects true
set log-accepts true
disable chargen
select RPCPORTMAP
SET REJECT-BY-DEFAULT true
set log-file multinet:rpc.log
SET ACCEPT-NETS 126.96.36.199 127.0.0.1
show/full netstat
restart
exit
NETSTAT, SYSTAT and FINGER give out system information and lists of
other machines at TRIUMF.
CHARGEN is a character generator and generates a continuous stream of data. There have been reports of people using it to set up web pages which will crash browsing machines.
RSHELL, REXEC, RLOGIN allow remote login, potentially without a password, and remote execution of programs.
RPC* services allow remote procedure calls, and are used by NFS mount and many data acquisition and controls programs. One might consider restricting these to authorized subnets. 127.0.0.1 (localhost) seems to be required by e.g. the CAMP server.
SMTP is an Internet mail server. These have been used to relay junk mail.
POP* are mail retrieval servers for PCs.
PCNFSD is an NFS-like server for PCs.
NNTP is Usenet News.
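An added example, not part of the original page or of MultiNet: a Python check that reads a SERVER-CONFIG command script like the session above and reports services whose rejected attempts are not logged, or which are among those described above as giving out information or allowing remote access but are not limited by REJECT-BY-DEFAULT with ACCEPT-NETS. The sample script is constructed, the RISKY list is this example's own choice, and it assumes any setting not named in the script is unset.

```python
# Added example: audits a MultiNet SERVER-CONFIG command script.
# Assumption: settings the script does not name are treated as unset.
RISKY = {"NETSTAT", "SYSTAT", "FINGER", "CHARGEN", "RSHELL", "REXEC", "RLOGIN"}

# Constructed sample input (not taken from a real system).
SAMPLE = """\
select netstat
set log-file multinet:netstat.log
set log-rejects true
SET REJECT-BY-DEFAULT true
SET ACCEPT-NETS 192.0.2.0
select finger
set log-file multinet:finger.log
select rlogin
set log-rejects true
disable chargen
"""

def parse_session(text):
    """Map each service named in the script to the settings applied to it."""
    services, current = {}, None
    for line in text.splitlines():
        words = line.replace("SERVER-CONFIG>", "").split()
        if len(words) < 2:
            continue  # blank lines and bare commands such as restart, exit
        verb = words[0].upper()
        if verb == "SELECT":
            current = words[1].upper()
            services.setdefault(current, {})
        elif verb == "DISABLE":
            services.setdefault(words[1].upper(), {})["DISABLED"] = "true"
        elif verb == "SET" and current and len(words) > 2:
            services[current][words[1].upper()] = " ".join(words[2:])
    return services

def audit(services):
    """Return (service, finding) pairs for gaps in logging or access restriction."""
    findings = []
    for name, cfg in sorted(services.items()):
        if cfg.get("DISABLED") == "true":
            continue  # a disabled service needs neither logging nor an accept list
        on = lambda key: cfg.get(key, "").lower() == "true"
        if not (cfg.get("LOG-FILE") and on("LOG-REJECTS")):
            findings.append((name, "rejected attempts are not logged to a file"))
        if name in RISKY and not (on("REJECT-BY-DEFAULT") and cfg.get("ACCEPT-NETS")):
            findings.append((name, "not restricted to accepted subnets"))
    return findings

if __name__ == "__main__":
    for service, finding in audit(parse_session(SAMPLE)):
        print(f"{service}: {finding}")
```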