On Tue, Jul 04, 2000 at 03:29:16PM +0100, Patrick Kirk wrote: > Hi all, > > I've just installed a Debian server for a chap who insists on using > telnet from Windows boxes within the LAN if he wants to login. I want > to restrict this so that telnet can be done from the 10.0.0.0 range but > ssh can be used from anywhere, even if reverse DNS isn't available. > That's because I want to be able to login myself and fix things from > wherever I happen to be. > > I have set hosts.deny as blank and hosts.allow as ALL: ALL
This is dangeroous. /etc/hosts.deny should be "ALL:ALL", and selected clients should be allowed for selected domains in /etc/hosts.allow. > Any thoughts on how to set up the rules to allows the setup above? I'd also look into ssh clients for Windows. I know there are Java clients available. -- Karsten M. Self <kmself@ix.netcom.com> http://www.netcom.com/~kmself Evangelist, Opensales, Inc. http://www.opensales.org What part of "Gestalt" don't you understand? Debian GNU/Linux rocks! http://gestalt-system.sourceforge.net/ K5: http://www.kuro5hin.org GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0
pgpMKLRdBx5Ii.pgp
Description: PGP signature