Date: Thu, 25 Oct 2001 01:19:38 -0400 From: Anthony Schneider <aschneid@mail.slc.edu> To: Purwa Riadi <purwa@progs4wealth.com> Cc: David <david@web.cc>, freebsd-security@FreeBSD.ORG Subject: Re: telnet limitation Message-ID: <20011025011938.A1299@mail.slc.edu> In-Reply-To: <00c601c15d13$8dd17200$ab5b96ca@padjajaran>; from purwa@progs4wealth.com on Thu, Oct 25, 2001 at 12:11:36PM %2B0700 References: <20011023081729.A10955@warsaw.scl.ameslab.gov> <007c01c15c6b$5a861fc0$ab5b96ca@padjajaran> <000701c15c6c$5271d620$0900000a@web.cc> <00c601c15d13$8dd17200$ab5b96ca@padjajaran>
next in thread | previous in thread | raw e-mail | index | archive | help
I believe that the hosts.deny file is deprecated, and that rtules should now be specified in /etc/hosts.allow. This is a 3.3-RELEASE box we're talking about, which I'm not too sure of, but you can specify IP addresses which can access telnet on your host by specifying rules in your /etc/hosts.allow file such as: ALL : 127.0.0.1 : allow telnetd : 202.169.35.125 : allow ALL : ALL : deny What this effectively does is allow all connections from localhost to localhost for any service, and deny everything for every host except for 202.159.35.125 accessing telnetd. -Anthony. On Thu, Oct 25, 2001 at 12:11:36PM +0700, Purwa Riadi wrote: > > I was try to set the hosts.deny and hosts.allow like below > > #more /etc/hosts.allow > ALL: 127.0.0.1 localhost > ALL: 202.159.35.125 > ALL: 202.159.35.126 > > # more /etc/hosts.deny > ALL: ALL > > But, I can still telnet from all of host in my network. The rules in both of > file didn't give impact at all for my machine(3.3-RELEASE FreeBSD > 3.3-RELEASE). > What should I do now....? > > Also, if I wanna upgrade the server to 4.3-Release...Is it save way for may > data and setting like natd setting? > > Thx and regards > > Purwa R > > > ----- Original Message ----- > From: "David" <david@web.cc> > To: "Purwa Riadi" <purwa@progs4wealth.com>; <freebsd-security@FreeBSD.ORG> > Sent: Wednesday, October 24, 2001 4:14 PM > Subject: Re: telnet limitation > > > > hi, > > > > try using tcp wrappers.. it is build into FreeBSD. > > look at hosts.allow > > > > ----- Original Message ----- > > From: "Purwa Riadi" <purwa@progs4wealth.com> > > To: <freebsd-security@FreeBSD.ORG> > > Sent: Wednesday, October 24, 2001 5:07 PM > > Subject: telnet limitation > > > > > > > Dear FreeBSDer, > > > > > > If I wanna give rules in my server, therefore just certain IP that can > > > telnet to my server, whats scripts that should I change and configure? > > > Anyone can explain to me? > > > > > > > > > thx & regards > > > > > > Purwa > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011025011938.A1299>