[nflug] Blocking out unwanted guests...
Jason Lasker
lasker at eng.buffalo.edu
Sun Jan 6 21:35:14 EST 2008
You may want to deny all as a standard then only allow what you want in hosts.allow.
hosts.deny
All: ALL
Host.allow
sshd: allowed ips, domains etc....
other services: allowed ips, domains etc....
you can also control other services in /etc/xinetd.d (system dependent)
Specifically for ssh you can also add a users list to /etc/ssh/sshd_config
AllowUsers user1 user2 ..... (may have to restart sshd daemon)
This would allow you to set a domain like .rr.com in hosts.allow and restrict users in sshd_config
Your mileage may vary....
-----Original Message-----
From: nflug-bounces at nflug.org [mailto:nflug-bounces at nflug.org] On Behalf Of Robert Wolfe
Sent: Sunday, January 06, 2008 1:14 PM
To: nflug at nflug.org
Subject: Re: [nflug] Blocking out unwanted guests...
Franklin Kumro Jr wrote:
> Using denyhosts will ban users who do exactly what you described
> automatically. If you want to ban them by hand then do the following
>
> To block all access add the following to hosts.deny
>
> ALL: IPADDRESS
>
> to block just ssh then add this
>
> sshd: IPADDRESS
>
>
Thanks for the information. I was able to do a revdns lookup on the
IP. Reported it to the offender's ISP (in Russia) and actually got an
email direct from the guy that runs the place saying that they will get
to work on investigating the issue.
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug
More information about the nflug
mailing list