It was bound to happen - suspected hack
Frank Wiles
frank at wiles.org
Thu Oct 21 08:26:11 CDT 2004
On Thu, 21 Oct 2004 09:03:19 -0400 (EDT)
"Jon Moss" <jon.moss at cnonline.net> wrote:
> I've been researching sshd and allowing/denying access and I think I
> have figured it out. Just please confirm that I'm on the right track.
>
> I edited my hosts.allow as follows:
>
> #
> # hosts.allow This file describes the names of the hosts which are
> # allowed to use the local INET services, as decided
> # by the '/usr/sbin/tcpd' server.
> #
> sshd: localhost 192.168.0.0/255.255.255.0 12.30.163.*
>
> And then my hosts.deny as follows:
>
> #
> # hosts.deny This file describes the names of the hosts which are
> # *not* allowed to use the local INET services, as decided
> # by the '/usr/sbin/tcpd' server.
> #
> # The portmap line is redundant, but it is left to remind you that
> # the new secure portmap uses hosts.deny and hosts.allow. In
> # particular you should know that NFS uses portmap!
> ALL : ALL
>
> However, I don't really have anyway to test this as I allowed access
> from everywhere that I am. :)
>
> Any suggestions and advice is still greatly appreciated.
Yes that is what you want to do to restrict SSH access.
---------------------------------
Frank Wiles <frank at wiles.org>
http://www.wiles.org
---------------------------------
More information about the Kclug
mailing list