[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security on a newly-installed debian system



On Wed, Apr 16, 2003 at 09:08:26AM +0200, Joerg Johannes wrote:
> Hi Hugh
> 
> On Tuesday 15 April 2003 20:53, Hugh Saunders wrote:
> > i think this is quite an old way of doing things but my gut reaction
> > would be to put ALL:ALL in hosts.deny and clear anything from
> > hosts.allow untill you are sorted, then give access to those who need it
> > [ie you from wherever your gonna be]
> 
> Just an idea coming up: Is it possible to allow/deny access via a 
> "fingerprint" (such as the MAC adress or the key used by ssh) ?

Yes, iptables lets you filter based on MAC address.  It's fairly easy to
forge, though, so it's not worth depending on for security.

-- 
Rob Weir <rweir@ertius.org>                              http://www.ertius.org/
GPG keys: 1024D/1E73B7CD, 4096R/3ABDE5EC     |      Do I look like I want a CC?
Words of the day:    Craig Livingstone ASO Waco, Texas Iran S Key IDEA Honduras

Attachment: pgpWJxPuHdaMs.pgp
Description: PGP signature


Reply to: