[4030] in linux-net channel archive
Re: Security with PPP, IPFWADM
daemon@ATHENA.MIT.EDU (Nigel Metheringham)
Thu Aug 15 19:33:55 1996
To: joseph@voltec.com
cc: linux-net@vger.rutgers.edu
From: Nigel Metheringham <Nigel.Metheringham@theplanet.net>
In-reply-to: Your message of "Mon, 12 Aug 1996 10:46:51 CDT."
<199608121447.AA08206@voltec.com>
Date: Wed, 14 Aug 1996 09:58:13 +0100
[The IP Masquerading list is a better forum for these queries]
} However, since my Linux Box is on the net, how can I reject a
} Telnet or rlogin session from any IP that isn't on our LAN.
} Furthermore, is it possible to have the inetd accept only from our
} LAN. This way, I can still keep ping, finger & netstat (which are
} invaluable to me) and still not compromise our security.
You could handle these at an application level - tcpd or (better)
xinetd (which can bind to a specific port in the latest versions).
Other alternatives are to use the firewall to block connections in to
these ports which are not from the local interface/local net.
Probably the best solution is to do both!
Nigel.
--
[ Nigel.Metheringham@theplanet.net - Unix Applications Engineer ]
[ *Views expressed here are personal and not supported by PLAnet* ]
[ PLAnet Online : The White House Tel : +44 113 251 6012 ]
[ Melbourne Street, Leeds LS2 7PS UK. Fax : +44 113 2345656 ]
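
The application-level half of the reply above, sketched with tcpd (TCP wrappers). This is an added example, not part of the original message; the LAN range 192.168.1.0/255.255.255.0 and the /usr/sbin/tcpd path are assumptions to be replaced with local values.

```conf
# --- /etc/inetd.conf (excerpt): start the daemons through tcpd ---
# The tcpd path is an assumption; it differs between distributions.
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
login   stream  tcp  nowait  root    /usr/sbin/tcpd  in.rlogind
finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd

# --- /etc/hosts.allow: consulted first; the first match grants access ---
# 192.168.1.0/255.255.255.0 is a placeholder for the local LAN.
in.telnetd, in.rlogind: 192.168.1.0/255.255.255.0
# finger stays reachable from anywhere, as the question asks.
in.fingerd: ALL

# --- /etc/hosts.deny: consulted only when hosts.allow had no match ---
# Without this entry tcpd falls through to its default and grants
# access, so the allow rules above would restrict nothing.
ALL: ALL
```

inetd has to re-read its configuration (SIGHUP) after inetd.conf changes; hosts.allow and hosts.deny are read on each connection. The firewall rules the reply recommends as the second layer are not shown here.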