[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] How to stop snoopers...

Subject: RE: [cobalt-users] How to stop snoopers...
From: Rodolfo Paiz <rpaiz@xxxxxxxxxxxxxx>
Date: Thu Feb 8 11:07:05 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> > Anyhow the command to do that is (as root in shell):
> > /sbin/route add -host 123.45.678.90 reject
>
> actually this just stops me from accessing them,
> not them from accessing me.  any ideas to go the
> other way?

Check out LogCheck and PortSentry, both from Psionic Software
(http://psionic.com). Also check out TripWire and read the manual pages
for ipchains. All of these things will be good for you in the long run.
No further help offered here, since I'm still reading about them.

ipchains is the firewall software built in to your server. It will do
what you want it to do. Also, for some services which use tcpwrappers
you can use the hosts.deny file (/etc/hosts.deny) to block an IP or
range. I think the format you want is:

ALL: 111.222.333.444

and that will prevent that IP address from accessing your server for any
tcpwrapped service. Not sure what those are, though... I think it's
those services run by inetd or xinetd.

--
Rodolfo J. Paiz
rodolfo@xxxxxxxx <mailto:rodolfo@xxxxxxxx>

References:
- Re: [cobalt-users] How to stop snoopers...
  - From: fastmedia

Prev by Date: [cobalt-users] NEED username > 12 characters
Next by Date: RE: [cobalt-users] Server Attacked
Previous by thread: Re: [cobalt-users] How to stop snoopers...
Next by thread: [cobalt-users] Finding Packags for RaQ Servers

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index