At 00:11 9/28/99 +0200, Robert Schelander wrote:
>I would be glad if you could tell me about the steps you've taken on your
>TCP/IP servers.
We use the security features built into TNOS on our gateway. It allows
different default privs based upon being a 44-net, non-44net, and local
ax25 user.
Default privs are set up as follows:
Unknown Internet user - telnets in from non-44 internet address
No privs. He can send mail to sysop. cannot telnet out, cannot send mail
out, cannot ax25 out.
Unknown Amprnet user - telnets in from another 44-net address.
Allowed to telnet out and send mail out to other 44-net destinations only
non 44-net destinations denied. Is allowed to ax25 out.
Unknown AX25 user - local area user that can directly touch our radio ports
Allowed to telnet and send mail to any destination. Full ax25 privs.
Only local area users whose identity we can verify, get a password allowing
full access from the Internet. (this allows our local users to use the
machine from landline world). Upon request we'll set up pop, but only a few
are using it.
We also have TNOS configured to require logins to be a callsign, i.e.
cannot login as 'joe' etc.
=========================
David C. Gingrich, K9DC
Indianapolis, Indiana
[EMAIL PROTECTED]
=========================
