[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] Deny IP Address On Raq 4r
- Subject: Re: [cobalt-developers] Deny IP Address On Raq 4r
- From: Marco Baurdoux <linux@xxxxxxxxxxxxx>
- Date: Wed Sep 19 04:55:14 2001
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
le 19.9.2001 17:40, Peter Baldwin à peterb@xxxxxxxxxxxxxx a écrit :
>>> I tried hosts.deny but nothing!! I even rebooted but nothing!! I had the
>>> following entry:
>>>
>>> ALL: IP_ADDRESS
>>>
>> Hi Kal,
>> You need to review your chapter on the tcp-wrappers :-))
>> hosts.allow and hosts.deny are only used for servers that runs
>> via the inetd
>> server ( or xinted on the newer RH distributions ).
>> And Apache isn't run via inetd, because of performance reasons.
>
> Mostly true :)
>
> You can add tcp-wrappers to any program - including standalone servers that
> do not use inetd. In fact, the SSH package from pkg.nl.cobalt.com is
> tcp_wrapper aware!
>
> Aside - you can limit SSH connections from a specific IP (or IP range)...
> add:
> "sshd: ALL" in /etc/hosts.deny
> "sshd: w.x.y.z" in /etc/hosts.allow, where w.x.y.z is an IP/IP range
>
> Careful typing in the IP, or you may lock yourself out. You may even want
> to temporarily turn telnet back on while playing around ;-)
Wise, wise words :-))
=======================================================================
Marco Baurdoux
Unix Administrator
Infomaniak Network SA
Avenue de la Praille 26
1227 Carouge
Switzerland
Tel: +41 (0)22 820 35 41
Fax: +41 (0)22 820 35 46
http://web.infomaniak.ch
Linux/Unix is very user friendly,
it's just very picky about who its friends are !!!
=======================================================================