[NTLUG:Discuss] /etc/accept and /etc/reject
Rick Moncello
rmoncello at attbi.com
Thu Nov 7 10:26:33 CST 2002
The question here has been how to restrict ftp access to allow only
authorized IPs to gain access to the system.
The hosts.allow is NOT the correct place for this. It will not work in
this case, since ftp does not pay attention to it.
The correct solution is found in /etc/xinetd.d/wu-ftpd. Here is a
(slightly edited for security) copy of what is in my file:
===============================================================================
service ftp
{
log_on_success += DURATION USERID
log_on_failure += USERID
socket_type = stream
user = root
server = /usr/sbin/in.ftpd
server_args = -l -a
wait = no
nice = 10
only_from = 192.168.62.1 192.168.62.2 192.168.62.3 192.168.62.4
192.168.62.5 192.168.62.6 192.168.62.7 192.168.62.8 192.168.62.9
}
===============================================================================
There is also a file, /etc/ftpaccess, which can further restrict access
by determining which users have permission to log in.
Good Luck!
Rick.
On Wed, 2002-11-06 at 08:42, Fred James wrote:
"man host.deny" should give you a page called "HOST_ACCESS" that should
help.
Daphne Martindell wrote:
>Jay Urish wrote:
>
>>Actually,
>>You want /etc/hosts.deny and hosts.allow
>>
>
>
>
>Thanks. What is the file format?
>
>_______________________________________________
>https://ntlug.org/mailman/listinfo/discuss
>
>
--
small is beautiful
_______________________________________________
https://ntlug.org/mailman/listinfo/discuss
More information about the Discuss
mailing list