From owner-freebsd-questions Sun Nov 10 20:30:12 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DEADB37B401 for ; Sun, 10 Nov 2002 20:30:10 -0800 (PST) Received: from mail.gbronline.com (mail.gbronline.com [12.145.226.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3FD8643E4A for ; Sun, 10 Nov 2002 20:30:10 -0800 (PST) (envelope-from kdk@daleco.biz) Received: from DaleCoportable [12.145.226.116] by mail.gbronline.com (SMTPD32-7.13) id A1DF5DFB022C; Sun, 10 Nov 2002 22:28:15 -0600 Message-ID: <00aa01c2893a$49b06280$fa00a8c0@DaleCoportable> From: "Kevin D. Kinsey, DaleCo, S.P." To: "Stephen Hovey" , "W. D." Cc: References: <5.1.0.14.2.20021110034425.04b7c9d0@us-webmasters.com> <5.1.0.14.2.20021110210555.046f49d0@us-webmasters.com> Subject: Re: How to stop SPAMMER??! Date: Sun, 10 Nov 2002 22:24:53 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG From: "W. D." Subject: Re: How to stop SPAMMER??! >Hi Stephen, >I hope you don't mind, I've CC'd the list as well: >Guys: I locked myself out of my server using the "hosts.allow" script >below. I couldn't get in with SSH, FTP, and *ALL* email was blocked. >I changed back to the old "hosts.allow" and I can get back >in, but so are the slimy spammers. >It seems that "hosts.allow" is very powerfull--perhaps the way to >go. However, I can't shut off FTP and email for all the other users. >Does anyone have "ready-to-go" hosts.allow file? > > Well, now we see why the file comments suggest that wrapping sshd is *not* such a good idea...... Get the IP block of the system(s) from which you are remotely adminning the server into hosts.allow with something like this at the top: all: 192.168.0.0/255.255.255.0 : allow This is a sample netblock that makes sure hosts on my/the* LAN have access to the machine....figure out the netblock of your ISP at the home, office, or home office, and try, try, again..... HTH, Kevin Kinsey DaleCo, S.P. *Your LAN may differ, of course..... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message