[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Allowing / Blocking IP for all services
- Subject: Re: [cobalt-users] Allowing / Blocking IP for all services
- From: "Babu P. Yogarajah" <bpy@xxxxxxxxx>
- Date: Thu Jan 18 19:10:37 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
At 16:54 18/01/01 -0800, you wrote:
>
>> > We want to allow only 2 or 3 IP numbers to access our FTP, SSH and
>e-mail
>> > services. Any other IP numbers must be blocked.
>>
>> Sure, use ip-chains or setup ftp, ssh and email so that they all will be
>> accessed through tcpwrappers and put in ALL: ALL in hosts.deny, and only
>put
>> the allowed ip-numbers in hosts.allow.
>
>How do you setup ftp, ssh and telnet through tcpwrappers?
Hi Mike,
E.g for FTP and TELNET
First add your primary IPs which you use normally to connect
with your server, to the file /etc/hosts.allow
in the form of
ALL : xxx.xxx.xxx.xxx, xxx.xx.xx.xxx, 127.0.0.1
Then edit /etc/hosts.deny
and add
in.telnetd:ALL
in.proftpd:ALL
Now before you log out from your server try
different set of ftp and telent sessions from your
primary IPs and make sure everything OK.
E.g for SSH
Add to the /etc/sshd_config
in the form of
AllowHosts *.your.first.domain *.your.dial.up.provider your.2nd.domain
Best regards,
Babu P. Yogarajah
______________________________________________________
Top Level Domains for 7.99 -> http://99p.org/reseller/