-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hello what u r referring to is the vanilla config of tcpd, i use it, everyone uses that. i'm not saying that. servers without tcpd is unthinkable.. almost. xinetd promises to phase it out, but the point i'm making is to filter it after the login process runs. the client should never know what cut the connection, whether it's the login, the ip address, the time.. the more the tcpd is hidden the better. tcpd is indispensible ;) cheers cheedu On Thu, 12 Oct 2000, none none wrote:
tcp wrappers can be use to "filtered" the services running on inetd.conf using those files: /etc/hosts.allow and /etc/hosts.deny. you just to indicate the service to call tcp-wrappers on inetd.conf.
From: Sridhar
Reply-To: omicron@symonds.net To: suse-security@suse.com Subject: [suse-security] PAM and tcp wrappers Date: Thu, 12 Oct 2000 23:46:07 +0530 (IST) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
hello i just wonder if tcp wrappers can be used in pam authentication. For instance, in case of services where authentication is required, like ssh,telnet, ftp, rlogin, is it possible to deny a login based on the person's ipaddress, or execute a command like the tcp wrappers. If somebody's portscanning me for interesting ports, it would definitely be helpful if he thinks the ports are open for him, but whatever he does, he cannot get in. I wud indeed prefer tcp wrappers to be _behind_ the login . Has it been done ? That would beat the hell out of nmap ;)
regards cheedu
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.2 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE55f/wrHJM2EAbaXwRAiviAJ4nemb4Ps8u84m9gvI06yMi8RUw3wCgo1KR M+lyKdH2lyyGufsMsrIsIpg= =VV11 -----END PGP SIGNATURE-----
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
_________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at http://profiles.msn.com.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.2 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE56F0irHJM2EAbaXwRAvT4AJ9k6566VZtnK3IrPj79bn17hoM3lQCfQbns lsNdSeP1kpQ0s91L1swL1PE= =l8NX -----END PGP SIGNATURE-----