From owner-freebsd-isp  Thu Aug 21 08:45:04 1997
Return-Path: <owner-freebsd-isp>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id IAA28666
          for isp-outgoing; Thu, 21 Aug 1997 08:45:04 -0700 (PDT)
Received: from marlin.exis.net (root@marlin.exis.net [205.252.72.102])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA28652
          for <freebsd-isp@FreeBSD.ORG>; Thu, 21 Aug 1997 08:44:57 -0700 (PDT)
Received: from sailfish.exis.net (sailfish.exis.net [205.252.72.104])
	by marlin.exis.net (8.8.4/8.8.5) with SMTP id LAA05045;
	Thu, 21 Aug 1997 11:44:47 -0400
Date: Thu, 21 Aug 1997 11:40:51 -0400 (EDT)
From: Stefan Molnar <stefan@exis.net>
To: John Brown <jbrown@vafibre.com>
cc: freebsd-isp@FreeBSD.ORG
Subject: Re: Remote Administration
In-Reply-To: <199708211451.000005B1@intra.vafibre.com>
Message-ID: <Pine.LNX.3.95.970821113854.30636A-100000@sailfish.exis.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


>  I am setting up an ISP server running FreeBSD and would like to deny all
> shell access to my server but keep myself a way to get into the server for
> remote administration. Any ideas on the best way to accomplish this?

You could make a special port ready that will give a login besides the
standard telnet port.  So when you want to get in just 
telnet hostname 9452  But if someone strobes the system then it would be
found.  Also you can setup your machine to only accect telnets from a 
set of hosts and use another machine of yours to login from.

Stefan