Protocol Encapsulation
Mark Hummel
mhummel at pcug.org.au
Mon Aug 6 23:07:01 EST 2001
On Mon, 6 Aug 2001, Sam Couter wrote:
> Mark Hummel <mhummel at pcug.org.au> wrote:
> >
> Ah, then you want packet filtering or TCP wrappers.
Thanks, but I did know about TCP wrappers. Actually, Jeremy has suggested
just relying on hosts.allow and hosts.deny. I think that would sufficient.
The only thing I was worried about was spoofing - a packet pretends to be
from one of the trusted machines...
>
> Packet filtering (firewalling):
> For a 2.2 kernel, look for stuff about ipchains.
> For a 2.4 kernel, look for stuff about iptables.
> Google is your friend.
>
> TCP wrappers:
> man hosts.allow and hosts.deny and tcpd. If your services are not running
> from inetd, you'll need to make sure they use libwrap. If they don't, you'll
> have to use packet filtering or use whatever access controls they provide
> themselves.
>
> Hope this helps.
> --
> Sam Couter | Internet Engineer | http://www.topic.com.au/
> sam at topic.com.au | tSA Consulting |
> OpenPGP key ID: DE89C75C, available on key servers
> OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
>
More information about the linux
mailing list