----- Original Message -----
From: Wahyu Kelik C <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, June 08, 2000 3:36 AM
Subject: Re: 2 basic questions


> At 22:41 07/06/2000 +0200, Marco Calistri wrote:
> >1) How to add a User-ID to linux,with full permissions,
> >     but avoiding the risks of  using "root" as Login ?
>
> adduser as usually (using command "useradd new-login").
> Then supply password for new user (using command "passwd new-login").
> Edit /etc/passwd at new user line. Change user group id (gid) with 0 (equal
> to root, but it is not root, since root has user id 0).
>
Hello, many thanks for your help. You mean I can add a superuser ID
without risks related to login as "root", simply indicating the "gid" as "0"?
>
> >2) How to configure Telnet and FTP access permission to
> >     Linux Servers (Red Hat 6.0) from localhost and from
> >     a "lan" machine having a private "192.168.." i.p.a. ?
>
> Since telnetd (telnet daemon) and ftpd (ftp daemon) using inetd (super
> server), you can restrict your LAN access by editing your /etc/hosts.allow
> and /etc/hosts.deny.
>
Right now these files are empty!
>
> At /etc/hosts.allow just add lines, example:
> in.telnetd: 192.168.1.   #Segment that allow to access your machine with telnet
> in.ftpd: 192.168.1. #segment that allow to access your machine with ftp
> At /etc/hosts.deny add lines, example:
> in.telnetd: 192.168.2. #segment that not allowed to access your machine via telnet
> in.ftpd: 192.168.2. #segment that not allowed to access your machine via ftp
> Notes: /etc/hosts.allow used to allowing some (small part) machine or
> segments to your machine. It means, there is more machine or segments that
> not allowed to access your computer. For /etc/hosts.deny is vice versa.
> Many hosts are allowed to access your machine, but there is hosts or
> segments that not allowed to access your machines.
> Default is all segments are allowed, so the files look like:
> /etc/hosts.allow
> ALL: ALL
> and for /etc/hosts.deny is blank or no entry.
> For more information, you can display manual for inetd (man inetd).
>
You say that to ALLOW my 2 private i.p.a. to telnet my linux I shall write:
"in.telnetd:192.168.2.1" <for localhost> (192.168.2.1 is the linux-eth0 lan i.p.)
"in.telnetd:192.168.2.3" <for win'95 machine> into /etc/hosts.allow ???
Are there some other statements related over the "in.telnetd"? i.e. "out.telnetd"?
Thanks a million!
All the Best, Marco - ik5bcu
>
> With best wishes,
> Wahyu Kelik C
>
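
Added example, not part of either message: a small Python model of the lookup order documented in hosts_access(5), where hosts.allow is consulted first, then hosts.deny, and a client matching neither file is granted access. The function names and the sample rule files (built from the addresses in this thread) are assumptions made for illustration, and only a subset of the pattern syntax is modelled.

```python
# Simplified model of the tcp_wrappers lookup order from hosts_access(5).
# Supported subset: "daemons: clients" lines, the ALL wildcard, exact
# addresses and trailing-dot prefixes such as "192.168.1.".
# Lines beginning with '#' are treated as comments.

def parse_rules(text):
    """Return a list of (daemons, clients) pairs from hosts.allow/deny text."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":", 1)
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def _match(patterns, value):
    """True if value matches ALL, an exact pattern, or a trailing-dot prefix."""
    for pat in patterns:
        if pat == "ALL" or pat == value:
            return True
        if pat.endswith(".") and value.startswith(pat):
            return True
    return False

def _listed(daemon, client_ip, text):
    return any(_match(d, daemon) and _match(c, client_ip)
               for d, c in parse_rules(text))

def decide(daemon, client_ip, allow_text, deny_text):
    """Allow file first, then deny file, otherwise access is granted."""
    if _listed(daemon, client_ip, allow_text):
        return "allow"
    if _listed(daemon, client_ip, deny_text):
        return "deny"
    return "allow"

# Constructed sample files using the addresses mentioned in this thread.
HOSTS_ALLOW = """\
# Linux eth0 address and the Win95 machine
in.telnetd: 192.168.2.1 192.168.2.3
in.ftpd: 192.168.1.
"""
HOSTS_DENY_THREAD = "in.telnetd: 192.168.2.\nin.ftpd: 192.168.2.\n"
HOSTS_DENY_ALL = "ALL: ALL\n"   # default-deny variant

if __name__ == "__main__":
    for ip in ("192.168.2.3", "192.168.2.9", "10.0.0.5"):
        print(ip, decide("in.telnetd", ip, HOSTS_ALLOW, HOSTS_DENY_THREAD),
              decide("in.telnetd", ip, HOSTS_ALLOW, HOSTS_DENY_ALL))
```

With the deny file taken from the thread, a client listed in neither file (10.0.0.5) is still admitted; only the "ALL: ALL" deny file makes the hosts.allow entries the sole permitted clients.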
