Date: Sat, 18 Jan 1997 13:59:14 +1100 (EST) From: "Daniel O'Callaghan" <danny@panda.hilink.com.au> To: Christian Hochhold <expert@dusk.net> Cc: freebsd-isp@freebsd.org Subject: Re: tcp_wrappers Message-ID: <Pine.BSF.3.91.970118135657.213w-100000@panda.hilink.com.au> In-Reply-To: <199701180109.VAA06835@eternal.dusk.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 17 Jan 1997, Christian Hochhold wrote: > I have tcp wrappers running on my shell machine, with twist > so it displayes a nice message to any individual trying to > connect who is not in the hosts.allow file. > I've just found that hosts.allow doesn't like wildcards, as > one of my clients is part of another major ISP, and instead > of at least being able to just allow access to the pop where > he dials into, I now have to allow ALL the ISP's POP's to > connect. > Obivously this is a risk, in order to allow one person to > telnet in, I have to allow the whole nation to telnet in > as well. tcpd is only a first line defence, and not a complete defence. I would recommend installing sshd, and getting your client to use an ssh client. There is one for Windows, although it costs US$100. See www.datafellows.com. Alternatively, impose one-time passwords. Danny
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.970118135657.213w-100000>