Re: Restrict server access

To: debian-user@lists.debian.org
Subject: Re: Restrict server access
From: Douglas Allan Tutty <dtutty@porchlight.ca>
Date: Mon, 16 Apr 2007 10:08:36 -0400
Message-id: <[🔎] 20070416140836.GA7256@titan>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] evv3rv$r8i$1@sea.gmane.org>
References: <[🔎] 4622BD36.30705@businessleader.com.au> <[🔎] evv3rv$r8i$1@sea.gmane.org>

On Mon, Apr 16, 2007 at 02:08:12AM -0400, Kamaraju S Kusumanchi wrote:
> Will Parkinson wrote:
> 
> > Hi All,
> > 
> > I was wondering if there was any way to restrict server ssh, ftp and
> > even http access to certain countries / ip ranges?  I've been using
> > debian for a while at home but am pretty new to the security side of
> > things.
> > 
> > Any help much appreciated
> 
> You can use /etc/hosts.allow, /etc/hosts.deny to allow and block certain
> range of IPs. Both the files are very easy to configure. I don't know how
> to allow/block access based on the country of origin.

These only work with services mediated by inet.d (tcp wrapper)  The inet
deamon checks incoming service request against these files before
starting a service instance.  Stand-alone daemons (and most are if you
look at your inetd.conf; its probably all comments).

Doug.

Reply to:

References:
- Restrict server access
  - From: Will Parkinson <wil@businessleader.com.au>
- Re: Restrict server access
  - From: Kamaraju S Kusumanchi <kamaraju@bluebottle.com>

Prev by Date: Re: aptitude "check" command?
Next by Date: Re: really dumb question
Previous by thread: Re: Restrict server access
Next by thread: Compiz and button 8
Index(es):
- Date
- Thread