Re: Restrict server access
On Mon, Apr 16, 2007 at 02:08:12AM -0400, Kamaraju S Kusumanchi wrote:
> Will Parkinson wrote:
>
> > Hi All,
> >
> > I was wondering if there was any way to restrict server ssh, ftp and
> > even http access to certain countries / ip ranges? I've been using
> > debian for a while at home but am pretty new to the security side of
> > things.
> >
> > Any help much appreciated
>
> You can use /etc/hosts.allow, /etc/hosts.deny to allow and block certain
> range of IPs. Both the files are very easy to configure. I don't know how
> to allow/block access based on the country of origin.
These only work with services mediated by inet.d (tcp wrapper) The inet
deamon checks incoming service request against these files before
starting a service instance. Stand-alone daemons (and most are if you
look at your inetd.conf; its probably all comments).
Doug.
Reply to: