Hello susers (SuSE users:) ),
Our providers network is kind of "hackers heaven" - lots of hacked servers. And we making connections only trough ssh and ftp (doh). Shh is ok. ftp is a problem. We can accept fact that somebody sniffs ftp username/pass , because we closed all services from all other nets than ours, except in.ftpd. We can`t use tcpd or ipchains, there because some users are connecting to server from some dial-ups. The question would be: how to restrict in.ftpd access depending on username/remote_host pairs?
ftpusers, PAM, etc. www.sysadminmag.com check the september feature. Also the LSKB covers this, also the ftp documentation for wuftpd/proftpd/etc covers this.
Gediminas Grigas
Kurt Seifried - seifried@securityportal.com SecurityPortal, your focal point for security on the net http://www.securityportal.com/