Modify Remote Login server to block scripted attacks
Authored by: Schamschula on Feb 11, '05 01:30:22PM
Why all this trouble?

All you need to do is enable tcp wrappers. I wrote a quick HowTo about this several years ago, see How To Configure TCP Wrappers Under Mac OS X.

To make a long story short, you need to create the /etc/hosts.allow and /etc/hosts.deny files. See the man page, i.e. 'man hosts_access' for more details.


Modify Remote Login server to block scripted attacks
Authored by: robg on Feb 11, '05 02:50:03PM

Can you explain how to use TCP wrappers to allow access from any unknown IP? That's my challenge; I have no idea what IP number my laptop will have at some hotel in Boston, and yet I still want to reach my home box.

In your writeup, I didn't see anything that would let me do that?

Thanks;
-rob.



TCP Wrappers
Authored by: Schamschula on Feb 11, '05 04:53:50PM

I probably should have been a bit more specific.

I meant the hosts_access (5) man page, i.e. man 5 hosts_access. It explains how to set up rules for specific situations. One can set up a rule like

/etc/hosts.deny:
ALL: ALL

/etc/hosts.allow:
ALL: username@ALL

would restrict access to only the single user in the hosts.allow file. However, the user can log in from any computer in the net.

I work around this issue by using less secure intermediate hosts to log into my secure machines.



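An added example (not code from this thread or from the TCP wrappers package): a simplified Python model of the allow-then-deny evaluation described in hosts_access(5), run against the two rule files posted above. The daemon name sshd and the client records are assumed sample values, and the user part of user@host is compared with the client's ident (RFC 1413) reply, which this model takes as given.

```python
# Added example: simplified model of hosts_access(5) matching, not libwrap.
# Handles ALL, exact host/address, ".domain" suffix, "net." prefix, user@host.

def parse_rules(text):
    """Return [(daemon_patterns, client_patterns)] from rule-file text."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) >= 2:
            rules.append((fields[0].replace(",", " ").split(),
                          fields[1].replace(",", " ").split()))
    return rules

def host_matches(pattern, name, addr):
    if pattern == "ALL":
        return True
    if pattern.startswith("."):               # domain suffix, e.g. .example.com
        return bool(name) and name.endswith(pattern)
    if pattern.endswith("."):                 # address prefix, e.g. 192.0.2.
        return addr.startswith(pattern)
    return pattern in (name, addr)

def client_matches(pattern, client):
    user_pat, at, host_pat = pattern.rpartition("@")
    if at and user_pat:                       # user@host form
        # The user part is compared with the client's ident (RFC 1413) answer.
        if user_pat != "ALL" and user_pat != client["ident_user"]:
            return False
        pattern = host_pat
    return host_matches(pattern, client["name"], client["addr"])

def is_allowed(daemon, client, allow_text, deny_text):
    """hosts.allow match grants; else hosts.deny match refuses; else grant."""
    def hit(text):
        return any(any(d in ("ALL", daemon) for d in daemons)
                   and any(client_matches(c, client) for c in clients)
                   for daemons, clients in parse_rules(text))
    return hit(allow_text) or not hit(deny_text)

# Rule files as posted above; the clients below are constructed samples.
DENY = "ALL: ALL\n"
ALLOW = "ALL: username@ALL\n"
HOTEL = {"name": None, "addr": "203.0.113.25", "ident_user": None}
IDENT_OK = {"name": "gw.example.com", "addr": "198.51.100.7", "ident_user": "username"}
IDENT_OTHER = dict(IDENT_OK, ident_user="someoneelse")

if __name__ == "__main__":
    for label, c in (("hotel", HOTEL), ("ident ok", IDENT_OK), ("ident other", IDENT_OTHER)):
        print(label, is_allowed("sshd", c, ALLOW, DENY))
```

In this model a client that returns no ident answer falls through to ALL: ALL and is refused, while a client on any host whose ident reply is username is admitted.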
Modify Remote Login server to block scripted attacks
Authored by: tinker on Feb 12, '05 02:10:50AM

Rob,

See my earlier response. The way to do this is with TCP wrappers and a dynamic IP service like No-IP. Works well, though you have to give No-IP a few minutes to send out your new IP every time you show up someplace new.


