TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [TCLUG:12444] remote FTP question
If they have a static ip which I doubt, you would just add that in your
host.allow otherwise you will probably have to allow the whole subnet(S)
used by their isp which opens the door to hackers from that individual isp.
You are effectively denying all incoming traffic as 192.168.xxx..xxx is an
internal ip and should not be routed past any border, so unless stated in
the host.allow file they should be denied.
Jackie
Jacqueline Santopietro
santo004@tc.umn.edu
-----Original Message-----
From: Dave Erickson <gsa700@mediaone.net>
To: Twin Cities LUG <tclug-list@mn-linux.org>
Date: Saturday, January 15, 2000 10:23 PM
Subject: [TCLUG:12444] remote FTP question
>Hi everyone, I would like to allow a user to log in remotely from a
>dial-up without having to allow connections from everywhere.
>
>I have currently:
>
>hosts.deny - ALL:ALL
>
>hosts.allow - ALL:192.168.0.2 (My single Workstation)
>
>What do I do to allow the dialup without opening up my whole system?
>
>Also and probably related, I have Anonymous FTP setup on my computer and
>that is not accessible from the Internet either. Is this the same
>problem?
>
>Everything works when I comment out hosts.deny but that defeats the
>purpose yes?
>
>Thanks in advance.
>
>--
>Dave Erickson
>PGP Fingerprint - 42E7 5D02 162B 972F DD8C C37D 7BBE 15D2
>"I am the bread that comes down from Heaven" Jesus Christ
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
>For additional commands, e-mail: tclug-list-help@mn-linux.org
>
>