RE: log message

["Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>]

Hi Maccy, 

> -----Original Message-----
> From: Maccy [mailto:maccy () maccomms co uk] 
> Sent: Wednesday, 21 April 2004 8:42 p.m.
> To: incidents () securityfocus com
> Subject: log message
>
>
> I'm seeing a lot of messages like the one below on one of my RHL 7.3
> systems, can anybody enlighten me as to what this might mean?
>
> I have googled and asked around, to no effect.
>
> Apr 21 09:03:46 altair fam[1699]: connect: Connection refused
> Apr 21 09:20:50 altair fam[1699]: connect: Connection refused
> Apr 21 09:37:54 altair fam[1699]: connect: Connection refused
> Apr 21 09:54:58 altair fam[1699]: connect: Connection refused

FAM is SGI's File Alteration Monitor. Are you sure that you actually need to
use this?

My wild guess would be that TCP Wrappers are preventing connection to this
service. If that's the case, and you want to be able to connect to it,
modify /etc/hosts.allow.

If you don't need this service, disable it - it's started from inetd (or
xinetd). Find appropriate line and comment it out.
Line in /etc/inetd.conf will probably look something like:

sgi_fam/1-2 stream  rpc/tcp wait    root    /usr/bin/fam      fam


Cheers,

Bojan
CISSP


---------------------------------------------------------------------------
----------------------------------------------------------------------------