[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] new openssl vulnerabilities

Subject: Re: [cobalt-users] new openssl vulnerabilities
From: Larry Smith <lesmith@xxxxxxxxx>
Date: Tue Jul 30 09:06:02 2002
Organization: ECSIS.NET
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

INRE RE: [cobalt-users] new openssl vulnerabilities:
> how would you used hosts.deny to block all access to port 22 except
> from a list of specified ip's?

You could use the "EXCEPT" tag in hosts.deny

SSHD:  ALL EXCEPT <IP>, <IP>:  DENY

but much better would be to use hosts.allow for the "good" guys

sshd:  <ip>:  ALLOW

then in hosts.deny do an total exclude of everthing else:

sshd:  ALL:


-- 
Larry Smith
SysAd ECSIS.NET
sysad@xxxxxxxxx

References:
- RE: [cobalt-users] new openssl vulnerabilities
  - From: Network Operations

Prev by Date: RE: [cobalt-users] new openssl vulnerabilities
Next by Date: RE: [cobalt-users] new openssl vulnerabilities
Previous by thread: RE: [cobalt-users] new openssl vulnerabilities
Next by thread: RE: [cobalt-users] new openssl vulnerabilities

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index