From owner-freebsd-security  Tue Mar  7 16:12:11 2000
Delivered-To: freebsd-security@freebsd.org
Received: from roam.psg.com (roam.psg.com [206.163.43.51])
	by hub.freebsd.org (Postfix) with ESMTP id 3726937B51E
	for <freebsd-security@freebsd.org>; Tue,  7 Mar 2000 16:12:08 -0800 (PST)
	(envelope-from randy@psg.com)
Received: from randy by roam.psg.com with local (Exim 3.12 #1)
	id 12SQza-0000iQ-00; Tue, 07 Mar 2000 12:54:10 -0800
From: Randy Bush <randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To: Alex Michlin <alex@delete.org>
Cc: freebsd-security@freebsd.org
Subject: Re: Host Secured Logon
Message-Id: <E12SQza-0000iQ-00@roam.psg.com>
Date: Tue, 07 Mar 2000 12:54:10 -0800
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Is there an easy way to secure shell accounts with the hostname of the
> user (ie, only someone from *.anyisp.com can logon to shell1, and
> *.myisp.com can logon to any shell)?

i am not advocating doing this, as dns based security is weak, but use tcpd
aka log_tcp and restrict the hosts in /usr/local/etc/hosts.allow.

randy


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message