
Network Connection to Server

 
Ray Bell
Regular Advisor

Network Connection to Server

I want to secure my server where certain servers can't connect to the server via ftp, telnet, ssh or any other way to connect. I was looking at the /var/adm/inetd.sec but I'm not sure it will work. Also, will a shell script that is read into /etc/profile work? If so, does anyone have one already created? Please help!!!
James R. Ferguson
Acclaimed Contributor

Re: Network Connection to Server

Hi:

The 'inetd.sec' file should certainly serve your purpose. Have a look at the man pages ('man (4) inetd.sec'). There are some examples and guidelines for dealing with multiple servers. Changes to 'inetd.sec' apply to any subsequent connections.

Regards!

...JRF...
harry d brown jr
Honored Contributor

Re: Network Connection to Server

inetd.sec will work.

login deny 10.* 192.54.*

ftp deny 10.* 192.68.*

...

live free or die
harry
Live Free or Die
Sanjay_6
Honored Contributor
RAC_1
Honored Contributor

Re: Network Connection to Server

inetd.sec works perfectly fine.

Just put as follows
service_name allow/deny host,network


Regards,
There is no substitute to HARDWORK
Ray Bell
Regular Advisor

Re: Network Connection to Server

I have placed the i.p. address of the system in the /var/adm/inetd.sec but I can still telnet to the server and connect and have no problem.


What I added to the file:

login deny "servname"
login deny "servername"
login deny "servername"

Is there a command to restart the file or what?
James R. Ferguson
Acclaimed Contributor

Re: Network Connection to Server

Hi Ray:

The reason for your problem can be found in the man pages: "Multiple allow|deny lines for each service are not supported. If there are multiple allow|deny lines for a particular service, all but the last line are ignored."

You need to do something like:

login deny servername1 servername2 servername3 servername4

Have a look at those pages, again. ;-)

Regards!

...JRF...



Ray Bell
Regular Advisor

Re: Network Connection to Server

Hey, I looked at the man pages again, and what you said I had done earlier, and this was the reason I did it the way I did. So I moved it back:

login deny servername1 servername2 servername3

So the problem still exists. What files are associated with this inetd.sec that need to be a certain way in order for this to work? The permission on the file is 444.

I'm not doing rlogin command on this server, just a regular telnet command. I know in the inetd.sec you can specify who you want to have access to rlogin to your server.
Ray Bell
Regular Advisor

Re: Network Connection to Server

I have figured out my problem. I need to use telnet instead of login from those servers.

telnet deny servername1 servername2 servername3
James R. Ferguson
Acclaimed Contributor

Re: Network Connection to Server

Hi (again) Ray:

Sorry, you did say "telnet" in your post. I was focused on the syntax you offered which referenced "login". My comment was meant to focus you on the fact that multiple lines with the same referenced service must *not* declare the service more than once. Using the backslash to continue lines is appropriate as the man pages show.

The Forum appears to be stripping the backslash (continuation) character from replies. I've reported that in Dan's Issues thread.

In any event, glad all's well!

Regards!

...JRF...
Brian Watkins
Frequent Advisor

Re: Network Connection to Server

Between inetd.sec and /etc/services, you should be able to lock your system down as tightly as you need it.
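
Added example (not from any poster in this thread and not HP's code): a small Python lint for a copy of /var/adm/inetd.sec that applies the two points settled above, that only the last allow|deny line per service counts and that a rule on login does nothing for telnet. The sample file contents, the function names and the list of services to check are assumptions made for the illustration.

```python
# Added example: lint for a copy of /var/adm/inetd.sec. SAMPLE is constructed data.
SAMPLE = """\
# constructed sample modelled on the entries posted in this thread
login deny servername1
login deny servername2
login deny servername3
ftp deny 10.* \\
    192.68.*
"""


def parse_inetd_sec(text):
    """Return [(line_no, service, action, hosts)] with backslash continuations joined."""
    entries, pending, start = [], "", None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not pending and (not line or line.startswith("#")):
            continue                      # blank line or comment
        if start is None:
            start = no                    # first physical line of this entry
        if line.endswith("\\"):           # entry continues on the next line
            pending += line[:-1] + " "
            continue
        fields = (pending + line).split()
        pending, first, start = "", start, None
        if len(fields) >= 2 and fields[1] in ("allow", "deny"):
            entries.append((first, fields[0], fields[1], fields[2:]))
    return entries


def audit(text, wanted_services):
    """Report entries that are ignored and wanted services that have no rule at all."""
    effective, ignored = {}, []
    for entry in parse_inetd_sec(text):
        service = entry[1]
        if service in effective:          # only the last line per service counts
            ignored.append(effective[service])
        effective[service] = entry
    missing = [s for s in wanted_services if s not in effective]
    return effective, ignored, missing


if __name__ == "__main__":
    effective, ignored, missing = audit(SAMPLE, ["telnet", "ftp", "login"])
    for no, service, action, hosts in ignored:
        print(f"line {no}: '{service} {action} {' '.join(hosts)}' is ignored (overridden later)")
    for service in missing:
        print(f"no entry for '{service}': this file does not restrict it")
```

On the constructed sample it flags the first two login lines as ignored and reports that telnet has no entry, which is the situation the original poster ran into.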