RE: [cobalt-developers] Deny IP Address On Raq 4r

["KAMRY" <kamry1888@xxxxxxxxx>]

I thought telnet is already ON!! I just tried it and it is ON by default
although I have SSH installed - Is this normal.

Kal

-----Original Message-----
From: cobalt-developers-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of Peter
Baldwin
Sent: Wed, September 19, 2001 11:22 AM
To: cobalt-developers@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-developers] Deny IP Address On Raq 4r


> > I tried hosts.deny but nothing!! I even rebooted but nothing!! I had the
> > following entry:
> >
> > ALL: IP_ADDRESS
> >
> Hi Kal,
> You need to review your chapter on the tcp-wrappers :-))
> hosts.allow and hosts.deny are only used for servers that runs
> via the inetd
> server ( or xinted on the newer RH distributions ).
> And Apache isn't run via inetd, because of performance reasons.

Mostly true :)

You can add tcp-wrappers to any program - including standalone servers that
do not use inetd.  In fact, the SSH package from pkg.nl.cobalt.com is
tcp_wrapper aware!

Aside - you can limit SSH connections from a specific IP (or IP range)...
add:
"sshd: ALL" in /etc/hosts.deny
"sshd: w.x.y.z" in /etc/hosts.allow, where w.x.y.z is an IP/IP range

Careful typing in the IP, or you may lock yourself out.  You may even want
to temporarily turn telnet back on while playing around ;-)

Cheers!
Peter

__________________________________________________
Vito - Cobalt Server Appliance Monitor and Manager
http://vito.pointclark.net

_______________________________________________
cobalt-developers mailing list
cobalt-developers@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-developers


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com