On Mon, Apr 16, 2007 at 02:08:12AM -0400, Kamaraju S Kusumanchi wrote: > Will Parkinson wrote: > > > Hi All, > > > > I was wondering if there was any way to restrict server ssh, ftp and > > even http access to certain countries / ip ranges? I've been using > > debian for a while at home but am pretty new to the security side of > > things. > > > > Any help much appreciated > > You can use /etc/hosts.allow, /etc/hosts.deny to allow and block certain > range of IPs. Both the files are very easy to configure. I don't know how > to allow/block access based on the country of origin.
These only work with services mediated by inet.d (tcp wrapper) The inet deamon checks incoming service request against these files before starting a service instance. Stand-alone daemons (and most are if you look at your inetd.conf; its probably all comments). Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
