6

Iam using a Ubuntu 17.10 VM in GCP. To prevent my server's IP from being spoofed, I did the below changes in my /etc/host.conf file:

Changed from:

# The "order" line is only used by old versions of the C library.
order hosts,bind
multi on

To 

# The "order" line is only used by old versions of the C library.
​order bind,hosts
​nospoof on

But this gave the below error:

/etc/host.conf: line 2: bad command `​order bind,hosts'
/etc/host.conf: line 3: bad command `​nospoof on'

What is going wrong?

Abhi1988
  • 71
  • 1
  • 1
  • 3
  • What produced the errors? – jordanm Dec 29 '17 at 20:04
  • Modern systems use `/etc/nsswitch.conf` instead of `/etc/host.conf` – jordanm Dec 29 '17 at 20:05
  • @jordanm Why then does the man page say: **hosts Host names and numbers, used by gethostbyname(3) and related functions.** ? *`gethostbyname(3)`* is long obsoleted; POSIX.1-2001 and in POSIX.1-2008 it was marked to be removed. On my boxen (Fedora, CentOS) *`order`*, *`multi`* and *`reorder`* are still definitely not considered a bad command. So in 2017 your comment doesn't really make much sense to me. (Not that host.conf doesn't use those either, of course) – Pryftan May 10 '18 at 18:58

2 Answers2

5

None of those obsolete options you placed in /etc/host.conf have any effect anymore. And Google will prevent your IP from being spoofed; you don't have to worry about it.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
  • Is there any way to reset it because I get that error all the time. – Abhi1988 Dec 30 '17 at 04:45
  • Just put the original content back. Or an empty file. On my system it only says `multi on`. – Michael Hampton Dec 30 '17 at 05:27
  • 1
    There are similar discussions on this matter on [Stackoverflow](https://stackoverflow.com/questions/41990078/what-measures-does-google-cloud-take-to-protect-the-instances-from-ip-spoofing) and [Google Groups](https://groups.google.com/forum/#!topic/gce-discussion/1yCdTamt4qs) – Carlos Jan 23 '18 at 18:36
0

In my case the problem was in other repos. I have delete those four repos:

  • CentOS-Base.repo
  • CentOS-CR.repo
  • CentOS-Debuginfo.repo
  • CentOS-fasttrack.repo

and it works

kenlukas
  • 2,886
  • 2
  • 14
  • 25
mouad or
  • 1