HPE Community
Operating System - HP-UX
1771279 Members
1778 Online
109004 Solutions
New Discussion юеВ

How to restrict telnet and ftp access by IP address

 
SOLVED
Go to solution
Aji Thomas
Regular Advisor

тАО09-15-2005 02:47 AM

тАО09-15-2005 02:47 AM

How to restrict telnet and ftp access by IP address

Hi guys,
I would like to know how to restrict telnet and ftp access by IP.

I can provide a list of valid IP's which should be able to login to telnet and ftp sessions.

please advice as we are trying to implement security.

regards,
Aji
0 Kudos
8 REPLIES 8
Orhan Biyiklioglu
Respected Contributor

тАО09-15-2005 02:51 AM

тАО09-15-2005 02:51 AM

Re: How to restrict telnet and ftp access by IP address

check the inetd.sec file

man inetd.sec

you can also use tcpwrappers for this purpose by it is not installed by default.
0 Kudos
Orhan Biyiklioglu
Respected Contributor

тАО09-15-2005 02:53 AM

тАО09-15-2005 02:53 AM

Solution

Re: How to restrict telnet and ftp access by IP address

the format of the inetd.sec file is as follows:



examples

telnet allow 10.* 192.168.*
ftp allow 10.* 192.168.*
0 Kudos
Fabio Ettore
Honored Contributor

тАО09-15-2005 02:55 AM

тАО09-15-2005 02:55 AM

Re: How to restrict telnet and ftp access by IP address

Hi Aji,

just insert the following lines into /var/adm/inetd.sec:

telnet deny
ftp deny

For more examples and forms see section EXAMPLES in man inetd.sec.

HTH.

Best regards,
Fabio
WISH? IMPROVEMENT!
0 Kudos
Fabio Ettore
Honored Contributor

тАО09-15-2005 02:56 AM

тАО09-15-2005 02:56 AM

Re: How to restrict telnet and ftp access by IP address

...and you haven't to restart any daemons because the changes are effectively immediately.

Best regards,
Fabio
WISH? IMPROVEMENT!
0 Kudos
Raj D.
Honored Contributor

тАО09-15-2005 02:58 AM

тАО09-15-2005 02:58 AM

Re: How to restrict telnet and ftp access by IP address

Hi Aji ,

Its /var/adm/inetd.sec

You can put like this :

login allow 10.* 192.54.24.5

Check #man inetd.sec for further.

Cheers,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
0 Kudos
Raj D.
Honored Contributor

тАО09-15-2005 03:00 AM

тАО09-15-2005 03:00 AM

Re: How to restrict telnet and ftp access by IP address

Aji ,

You can put

telnet deny and ftp deny with IP address.

in /var/adm/inetd.sec

telnet deny IP
ftp deny IP

Cheers,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
0 Kudos
Alessandro Pilati
Esteemed Contributor

тАО09-15-2005 03:03 AM

тАО09-15-2005 03:03 AM

Re: How to restrict telnet and ftp access by IP address

As correctly said by the other forumers you can managet inetd.sec file, or you could use also IP-Filter ( less simple ):

http://www.obfuscation.org/ipf/ipf-howto.txt

Regards,
Alex
if you don't try, you'll never know if you are able to
0 Kudos
Aji Thomas
Regular Advisor

тАО09-15-2005 04:07 AM

тАО09-15-2005 04:07 AM

Re: How to restrict telnet and ftp access by IP address

Hi guys,

thanks fot the update,
It worked dynamically.

thanks,
AJi
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.