HPE Community
Operating System - HP-UX
1834312 Members
2232 Online
110066 Solutions
New Discussion

Re: managing TCP/IP-Tools on per user level

 
Martin Christov
Advisor

‎06-29-2001 03:49 AM

‎06-29-2001 03:49 AM

managing TCP/IP-Tools on per user level

Hello,
is it possible to allow or disable for all configured users the usage of ftp, tftp, telnet, rlogin, remsh, rcp etc under HPUX-11.00?
Regards:
Martin
sudo question
0 Kudos
Reply
6 REPLIES 6
Herve BRANGIER
Respected Contributor

‎06-29-2001 04:07 AM

‎06-29-2001 04:07 AM

Re: managing TCP/IP-Tools on per user level

Hi

For ftp you can use /etc/ftpusers. For others
services I don't know how to do at user level.
See /var/adm/inetd.sec for network level.

HTH

Herv?

0 Kudos
Reply
Martin Christov
Advisor

‎06-29-2001 04:43 AM

‎06-29-2001 04:43 AM

Re: managing TCP/IP-Tools on per user level

I am familiar with the functionality of WU-ftpd under HPUX. You are right.

/var/adm/inetd.sec allows management only at host-level:

I don't think that you can entry usernames there...?
sudo question
0 Kudos
Reply
Ralf Hildebrandt
Valued Contributor

‎06-29-2001 07:18 AM

‎06-29-2001 07:18 AM

Re: managing TCP/IP-Tools on per user level

You can use tcp_wrappers to restrict access on a per-user basis.
Postfix/BIND/Security/IDS/Scanner, you name it...
0 Kudos
Reply
Martin Christov
Advisor

‎06-29-2001 11:43 AM

‎06-29-2001 11:43 AM

Re: managing TCP/IP-Tools on per user level

Hello Ralph,
where can I get tcp_wrappers (exe or source) for HPUX-11.00?
sudo question
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎06-29-2001 02:27 PM

‎06-29-2001 02:27 PM

Re: managing TCP/IP-Tools on per user level

Hi Martin:

You can get tcp_wrappers from here:

ftp://ftp.porcupine.org/pub/security/index.html

...JRF...
0 Kudos
Reply
Bill Thorsteinson
Honored Contributor

‎07-01-2001 08:49 PM

‎07-01-2001 08:49 PM

Re: managing TCP/IP-Tools on per user level

The above solutions apply to denying incoming use of
the tools. For outgoing use you can restict the access
privileges of tools. A command like
chmod 750 `which ftp`
will disable use of the command for most users. mode
700 will allow only the owner to execute the command.

Firewalls can be used to limit the reach of these commands.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.