@(#) BLURB 1.6 92/08/31 22:54:43

This package provides a couple of tiny programs that monitor incoming
requests for IP services such as TFTP, EXEC, FTP, RSH, TELNET, RLOGIN,
FINGER, SYSTAT, and many others.

Optional features are: access control based on pattern matching; remote
username lookup using the RFC 931 protocol; protection against rsh and
rlogin attacks from hosts that pretend to have someone elses name.

The programs can be installed without requiring any changes to existing
software or configuration files. By default, they just log the remote
host name and then invoke the real network daemon. No information is
exchanged with the remote client process.

This is an interim release that takes care of some rough edges that
were left in last June's release. It does not introduce any new
features or changes to installation and/or configuration procedures.

    - Some sites reported that connections would be rejected because
    localhost != localhost.domain. The host name checking code now
    special-cases localhost (problem reported by several sites).

    - The programs now report an error if an existing access control
    file cannot be opened (e.g. due to lack of privileges).  Until now,
    the programs would just pretend that the access control file does
    not exist (reported by Darren Reed, avalon@coombs.anu.edu.au).

    - The timeout period for remote userid lookups was upped to 30
    seconds, in order to cope with slow hosts or networks.  If this is
    too long for you, adjust the TIMEOUT definition in file rfc931.c
    (problem reported by several sites).

    - On hosts with more than one IP network interface, remote userid
    lookups could use the IP address of the "wrong" local interface.
    The problem and its solution were discussed on the rfc931-users
    mailing list.  Scott Schwartz (schwartz@cs.psu.edu) folded the fix
    into the rfc931.c module.

    - The result of % expansion (in shell commands) is now checked for
    stuff that may confuse the shell; it is replaced by underscores
    (problem reported by Icarus Sparry, I.Sparry@gdr.bath.ac.uk).

    - A portability problem was fixed that caused compile-time problems
    on a CRAY (problem reported by Michael Barnett, mikeb@rmit.edu.au).

Finally, a caveat for those who use the optional remote username lookup
feature (RFC 931 protocol).  On some systems, these lookups may trigger
a kernel bug.  When a client host connects to your system, and the RFC
931 connection to that client is rejected by a router, some kernels
drop all connections with that client.  The bug is not in the log_tcp
programs: complain to your vendor and don't enable remote user name
lookups until the bug has been fixed.

The following example can be used (from outside the tue.nl domain) to
find out if you have the bug:

        % ftp 131.155.70.100

Then, when the connection has been established, run the following
command on the same machine:

        % telnet 131.155.70.100 111

The telnet command should fail with: "host not reachable". If this
causes you to lose the ftp connection, you have the bug (please report
OS and hardware type). If the telnet command does not fail, please let
me know, too :-)

	Wietse Venema (wietse@wzv.win.tue.nl),
	Department of Mathematics and Computing Science,
	Eindhoven University of Technology,
	The Netherlands.
