SUMMARY: Port restriction according to source IP... ?

From: selcuk karaca (selcuk.karaca@aski.gov.tr)
Date: Mon May 12 2003 - 07:05:06 EDT


Thanks to:

Iain Barker
Christian Wessely
George Gallen
EuBank, Chris
Martin Adolfsson

for their helpful suggestions ...

Suggestions:
***screend***

***tcpwrappers***
For usable info look at:
http://www.porcupine.org/wietse/hints-and-tips.html

I have learned that it works in my case..

IPFilter: (IPFilter is an open source firewalling/NAT software.)
It says
You can get it from: http://coombs.anu.edu.au/~avalon/

In the how-to file, I've found the following...

     A long time ago at a university far, far away, Wietse
Venema created the tcp-wrapper package, and ever since, it's
been used to add a layer of protection to network services
all over the world. This is good. But, tcp-wrappers have
flaws. For starters, they only protect TCP services, as the
name suggests. Also, unless you run your service from
inetd, or you have specifically compiled it with libwrap and
the appropriate hooks, your service isn't protected. This
leaves gigantic holes in your host security....

FireWall:
Firewall is also suggested...

I have chosen the IPFilter option...

Thanks for your answers...

------------------------------------------
My question WAS:

Hello admins..

My system:
ES40 - Tru64Unix V5.1

I need to restrict the port access of a certain IP (or subnet..)
For example if the source IP is 192.168.100.5 then, I want to restrict port
access to 80.. The source PC can not access other ports (ftp, telnet etc..)

But other IPs should access any port..

Can I do this with Tru64 ..?

TIA..

Selcuk KARACA
Unix System Administrator
Turkiye
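
An added example, not part of the original post or of the IPFilter how-to: an IPFilter rule file fragment expressing the policy asked for in the question (192.168.100.5 may reach only TCP port 80, every other source is unrestricted). The missing `on <interface>` clause and the stateless form are assumptions made to keep the rules host-independent; the address is the one from the question.

```conf
# Constructed IPFilter rules for the policy in the question.
# IPFilter applies the LAST matching rule unless a rule carries "quick",
# which stops evaluation at the first match. The two rules for the
# restricted host therefore use "quick" and must come before the
# catch-all pass rule.

# 1. Allow the restricted host to reach the web server port only.
pass in quick proto tcp from 192.168.100.5/32 to any port = 80

# 2. Drop everything else from that host: ftp, telnet, and also
#    UDP and ICMP, which tcp-wrappers would not cover.
block in quick from 192.168.100.5/32 to any

# 3. All other source addresses keep access to any port.
pass in all

# For a whole subnet, replace /32 in rules 1 and 2 with the network
# prefix, for example 192.168.100.0/24.
```

Because rule 2 matches every protocol, the restricted host also loses ICMP echo to this machine, so a failed ping from 192.168.100.5 is expected and does not indicate a fault.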


