RE: [newbie] Restricting user access by IP
I have spent allot of time with /etc/httpd/conf/access.conf httpd.conf(many hours). The results I'm getting are not what I'm looking for! I can restrict users based on subnet but not at the ip level no matter what $%* I do My assumption is that, the above mentioned files will not restrict users from telnet access. You're right, telnet is handled by the inetd daemon, you have to configure the following files: inet.conf - to enable the telnet daemon (I guess you already have this running) hosts.deny - here you specify which hosts are not allowed to access the service you specify in your machine hosts.allow - like hosts.deny, but the other way :) My suggestion is: disable everybody in hosts.deny and enable just the subnet you want in hosts.allow. In your case it could be: hosts.deny: ALL: ALL hosts.allow: in.ftpd: here_is_your_subnet Please note that, for this to work, you must have tcp wrappers running, I think is always running by default, so you shouldn't have any problem. BTW, all this stuff is better explained in NET3-HOWTO, you should read that document Regards, Toshiro.
Re: [newbie] Restricting user access by IP
You can set up ipchains too. see : man ipchains how-to Le Thu, 07 Oct 1999, vous avez écrit : Is it possible to configure a linux server to only allow 10 users access to server web pages and telnet(on a intranet web server). Is there an easy way to do this? Or must I learn how to set up a VPN? My assumption is that host.allow only restricts access to telnet not httpd? Is this right? Also, what is involved in verifing a DNS configuration. The status now is that anybody on our network can access this server without any problems. I would like to restrict this to only 10 users! -- -- Frederic PLE email: [EMAIL PROTECTED] --
Re: [newbie] Restricting user access by IP
"Lambert, Stephen : CO IR" wrote: Is it possible to configure a linux server to only allow 10 users access to server web pages and telnet(on a intranet web server). Is there an easy way to do this? Or must I learn how to set up a VPN? My assumption is that host.allow only restricts access to telnet not httpd? Is this right? Also, what is involved in verifing a DNS configuration. The status now is that anybody on our network can access this server without any problems. I would like to restrict this to only 10 users! You'll actually want to investigate the configuration files in /etc/httpd/conf. Apache isn't run through inetd and isn't controlled by TCP Wrappers. http://www.apache.org should have definitive information on how to configure those files to limit server access to the 10 users. -- Steve Philp Network Administrator Advance Packaging Corporation [EMAIL PROTECTED]
RE: [newbie] Restricting user access by IP
I have spent allot of time with /etc/httpd/conf/access.conf httpd.conf(many hours). The results I'm getting are not what I'm looking for! I can restrict users based on subnet but not at the ip level no matter what $%* I do My assumption is that, the above mentioned files will not restrict users from telnet access. Surely there has to be a better way? Right now I am surfing http://metalab.unc.edu/pub/Linux/docs/HOWTO/Firewall-HOWTO . Setting up a firewall sounds so intimidating! This whole HOWTO web page is just greek to me. I didn't find an example of my situation there. I don't have man pages for ipfwadm or ipchains(not sure why). Also, If the firewall service is considered a "generic service", then how do you envoke it? Configure it? Meanwhile my web server is available to our whole company, not just the intended 10 users.(stress) -Original Message- From: Steve Philp [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 07, 1999 3:48 PM To: [EMAIL PROTECTED] Subject: Re: [newbie] Restricting user access by IP "Lambert, Stephen : CO IR" wrote: Is it possible to configure a linux server to only allow 10 users access to server web pages and telnet(on a intranet web server). Is there an easy way to do this? Or must I learn how to set up a VPN? My assumption is that host.allow only restricts access to telnet not httpd? Is this right? Also, what is involved in verifing a DNS configuration. The status now is that anybody on our network can access this server without any problems. I would like to restrict this to only 10 users! You'll actually want to investigate the configuration files in /etc/httpd/conf. Apache isn't run through inetd and isn't controlled by TCP Wrappers. http://www.apache.org should have definitive information on how to configure those files to limit server access to the 10 users. -- Steve Philp Network Administrator Advance Packaging Corporation [EMAIL PROTECTED]