Re: hosts.allow and ssh problem

2006-05-19 Thread David Kelly
On May 19, 2006, at 8:55 PM, jekillen wrote: I am trying to deny ftp access to my web site from outside. I have two NICs on the server and access it from the inside network via one and serve to the public on the other. I tried to write a rule in hosts.allow to deny ftp connections to the

Re: hosts.allow and ssh problem

2006-05-19 Thread Eric Schuele
jekillen wrote: Hello all; I am trying to deny ftp access to my web site from outside. I have two NICs on the server and access it from the inside network via one and serve to the public on the other. I tried to write a rule in hosts.allow to deny ftp connections to the public ip address

Re: hosts.allow and ssh problem

2006-05-19 Thread jekillen
On May 19, 2006, at 7:33 PM, David Kelly wrote: On May 19, 2006, at 8:55 PM, jekillen wrote: I am trying to deny ftp access to my web site from outside. I have two NICs on the server and access it from the inside network via one and serve to the public on the other. I tried to write a

Re: hosts.allow ?

2006-03-20 Thread Antony M Rasat
Just out of curiosity, why can 'sshd' not be started from the '/etc/rc.conf' file? Sure you can. Just add a line into /etc/rc.conf like this: sshd_enable=YES sshd should be started automatically during next boot. Regards, Anthony M. Rasat PT. Kalteng Pos Press Palangkaraya -

Re: hosts.allow ?

2006-03-20 Thread Jerry McAllister
At Sun, 19 Mar 2006 it looks like Jerry McAllister composed: One doesn't start anything from the rc.conf file - at least properly. Those things get started from /usr/local/etc/rc.d. What goes in /etc/rc.conf are environmental variable settings that those rc.d scripts look at to

Re: hosts.allow ?

2006-03-20 Thread Micah
Jerry McAllister wrote: At Sun, 19 Mar 2006 it looks like Jerry McAllister composed: One doesn't start anything from the rc.conf file - at least properly. Those things get started from /usr/local/etc/rc.d. What goes in /etc/rc.conf are environmental variable settings that those rc.d scripts

Re: hosts.allow ?

2006-03-20 Thread Jerry McAllister
Jerry McAllister wrote: At Sun, 19 Mar 2006 it looks like Jerry McAllister composed: One doesn't start anything from the rc.conf file - at least properly. Those things get started from /usr/local/etc/rc.d. What goes in /etc/rc.conf are environmental variable settings that those

Re: hosts.allow ?

2006-03-19 Thread Chris Maness
Daniel A. wrote: On 3/19/06, Chris Maness [EMAIL PROTECTED] wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I see that this host is still making attempts to get into my box. Is there a cron job or something that has to

Re: hosts.allow ?

2006-03-19 Thread Chris Maness
Daniel A. wrote: On 3/19/06, Chris Maness [EMAIL PROTECTED] wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I see that this host is still making attempts to get into my box. Is there a cron job or something that has to

Re: hosts.allow ?

2006-03-19 Thread Gerard Seibert
Chris Maness wrote: Daniel A. wrote: On 3/19/06, Chris Maness [EMAIL PROTECTED] wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I see that this host is still making attempts to get into my box. Is there a cron job or

Re: hosts.allow ?

2006-03-19 Thread Daniel A.
On 3/19/06, Gerard Seibert [EMAIL PROTECTED] wrote: Chris Maness wrote: Daniel A. wrote: On 3/19/06, Chris Maness [EMAIL PROTECTED] wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I see that this host is still

Re: hosts.allow ?

2006-03-19 Thread Karol Kwiatkowski
Gerard Seibert wrote: Chris Maness wrote: OK, I was able to get to work by just starting out with a blank hosts.allow. Everything is allowed by default, so when denyhosts adds a deny line to the file, it will deny access to that host. Also, sshd can't be started in rc.conf, it has to be

Re: hosts.allow ?

2006-03-19 Thread Wes Santee
Karol Kwiatkowski wrote: Gerard Seibert wrote: Chris Maness wrote: Also, sshd can't be started in rc.conf, it has to be started in inetd.conf. Make sure you do a /etc/rc.d/inetd restart after you make changes. Just out of curiosity, why can

Re: hosts.allow ?

2006-03-19 Thread Jerry McAllister
Chris Maness wrote: Daniel A. wrote: On 3/19/06, Chris Maness [EMAIL PROTECTED] wrote: My denyhost script is doing its job by

Re: hosts.allow ?

2006-03-19 Thread Jerry McAllister
Chris Maness wrote: Daniel A. wrote: On 3/19/06, Chris Maness [EMAIL PROTECTED] wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I see that this host is still making attempts to get into my box. Is there a

Re: hosts.allow ?

2006-03-19 Thread Bill Schoolcraft
At Sun, 19 Mar 2006 it looks like Jerry McAllister composed: One doesn't start anything from the rc.conf file - at least properly. Those things get started from /usr/local/etc/rc.d. What goes in /etc/rc.conf are environmental variable settings that those rc.d scripts look at to determine

Re: hosts.allow ?

2006-03-19 Thread Olivier Nicole
I'm not sure this is correct. If you read sshd(8), you'll see in the FILES section that sshd will read /etc/hosts.allow and /etc/hosts.deny on its own (i.e. it's compiled/linked with libwrap). Looking at /usr/src/crypto/openssh/Makefile.in for the sshd target verifies this. That and sshd

Re: hosts.allow ?

2006-03-18 Thread Kris Kennaway
On Sat, Mar 18, 2006 at 04:12:41PM -0800, Chris Maness wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I see that this host is still making attempts to get into my box. Where do you see this (i.e. logged by what)?

Re: hosts.allow ?

2006-03-18 Thread Chris Maness
Kris Kennaway wrote: On Sat, Mar 18, 2006 at 04:12:41PM -0800, Chris Maness wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I see that this host is still making attempts to get into my box. Where do you see this (i.e.

Re: hosts.allow ?

2006-03-18 Thread Chris Maness
Kris Kennaway wrote: On Sat, Mar 18, 2006 at 04:12:41PM -0800, Chris Maness wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I see that this host is still making attempts to get into my box. Where do you see this (i.e.

Re: hosts.allow ?

2006-03-18 Thread Kris Kennaway
On Sat, Mar 18, 2006 at 05:24:40PM -0800, Chris Maness wrote: Kris Kennaway wrote: On Sat, Mar 18, 2006 at 04:12:41PM -0800, Chris Maness wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I see that this host is still

Re: hosts.allow ?

2006-03-18 Thread Chris Maness
Kris Kennaway wrote: On Sat, Mar 18, 2006 at 05:24:40PM -0800, Chris Maness wrote: Kris Kennaway wrote: On Sat, Mar 18, 2006 at 04:12:41PM -0800, Chris Maness wrote: My denyhost script is doing its job by adding: sshd: 62.149.232.105 : deny to the hosts.allow file, but I

Re: hosts.allow ?

2006-03-18 Thread Kris Kennaway
On Sat, Mar 18, 2006 at 05:48:29PM -0800, Chris Maness wrote: Sounds like something else is wrong with your hosts.allow then. # Start by allowing everything (this prevents the rest of the file # from working, so remove it when you need protection). # The rules here work on a First match wins

Re: hosts.allow ?

2006-03-18 Thread Wes Santee
Chris Maness wrote: I tried running sshd off of inetd instead of in daemon mode. It still didn't work. here is the file: Notice anything strange about the top? # Start by allowing everything (this prevents the rest of the file # from

Re: hosts.allow ?

2006-03-18 Thread Chris Maness
Kris Kennaway wrote: On Sat, Mar 18, 2006 at 05:48:29PM -0800, Chris Maness wrote: Sounds like something else is wrong with your hosts.allow then. # Start by allowing everything (this prevents the rest of the file # from working, so remove it when you need protection). # The

Re: hosts.allow ?

2006-03-18 Thread Kris Kennaway
On Sat, Mar 18, 2006 at 06:01:31PM -0800, Chris Maness wrote: Kris Kennaway wrote: On Sat, Mar 18, 2006 at 05:48:29PM -0800, Chris Maness wrote: Sounds like something else is wrong with your hosts.allow then. # Start by allowing everything (this prevents the rest of the

Re: hosts.allow ?

2006-03-18 Thread Chris Maness
Kris Kennaway wrote: On Sat, Mar 18, 2006 at 06:01:31PM -0800, Chris Maness wrote: Kris Kennaway wrote: On Sat, Mar 18, 2006 at 05:48:29PM -0800, Chris Maness wrote: Sounds like something else is wrong with your hosts.allow then. # Start by

Re: hosts.allow

2005-02-23 Thread Dan Nelson
In the last episode (Feb 23), kalin mintchev said: i have some crap in my log like: Feb 23 16:56:45 bigdaddy named[85641]: client 218.19.160.163#63869: update 'bigdaddy.com/IN' denied Feb 23 16:56:46 bigdaddy named[85641]: client 218.19.160.163#62855: update 'bigdaddy.com/IN' denied Feb

Re: hosts.allow

2005-02-23 Thread kalin mintchev
Feb 23 17:21:05 bigdaddy named[85641]: client 218.19.160.163#64057: update 'bigdaddy.com/IN' denied so i put: ALL : 218.19.160.163 : deny in my hosts.allow but i still get that log piling up Named isn't built with tcpwrapper support; it would probably cause too much overhead.

Re: hosts.allow

2005-02-23 Thread Jeff With
On Wed, 23 Feb 2005 19:20:11 -0500 (EST), kalin mintchev [EMAIL PROTECTED] wrote: Feb 23 17:21:05 bigdaddy named[85641]: client 218.19.160.163#64057: no such chances. the machine is not on my local network. on the network where this machine is there is no windows machines. and the

Re: hosts.allow

2005-02-23 Thread kalin mintchev
BIND version 9.x (not sure on the exact version) and up supports ACLs. example named.conf acl china { 218.19.160.163; } ; options { blackhole {china;}; }; thanks ... that looks like a solution... - jeff -- ___

Re: Hosts.allow and netatalk/cups

2005-01-11 Thread Bob Hall
On Tue, Jan 11, 2005 at 02:37:23PM +0700, Olivier Nicole wrote: To my knowledge, the effects in /etc/hosts.allow are immediate as soon as you save the modified file. And I have been using it that way for many years. No need to killall -HUP inetd, no need to reboot. If after a change the

Re: Hosts.allow and netatalk/cups

2005-01-11 Thread Bob Hall
On Tue, Jan 11, 2005 at 02:31:47AM -0500, Bob Hall wrote: Three questions: How do I cause changes in the hosts.allow file to take effect without rebooting? Everything I've seen says to restart inetd, but I'm not using inetd. I searched with different keywords and found the answer to this in

Re: Hosts.allow and netatalk/cups

2005-01-10 Thread Olivier Nicole
To my knowledge, the effects in /etc/hosts.allow are immediate as soon as you save the modified file. And I have been using it that way for many years. No need to killall -HUP inetd, no need to reboot. If after a change the service is still not available: - you did not allow the right thing -

Re: hosts.allow Question

2004-08-17 Thread Siddhartha Jain
Long Story wrote: | Hello everyone, | |Because of the MASS failure tries to connect to my server using | random passwords |I decided to allow only my IP to access the server. http://www.die.net/doc/linux/man/man5/hosts.allow.5.html - --

Re: hosts.allow not always working... misses some IPs

2003-12-03 Thread Jeff Penn
On Tue, Dec 02, 2003 at 12:54:32AM -0500, Kerry B. Rogers wrote: I received an e-mail with the following header fragment: ===V=== cut here ===V Received: from priv-edtnes11-hme0.telusplanet.net (outbound03.telus.net [199.185.220.222]) by tinkertoys.net (8.12.10/8.11.6) with ESMTP id

Re: hosts.allow not always working... misses some IPs

2003-12-02 Thread Simon Barner
I received an e-mail with the following header fragment: ===V=== cut here ===V Received: from priv-edtnes11-hme0.telusplanet.net (outbound03.telus.net [199.185.220.222]) by tinkertoys.net (8.12.10/8.11.6) with ESMTP id hANMNpKS021237; Sun, 23 Nov 2003 15:23:51 -0700 (MST) ===^===