Return to BSD News archive
Received: by minnie.vk1xwt.ampr.org with NNTP id AA5152 ; Tue, 22 Dec 92 05:01:26 EST Xref: sserve comp.protocols.tcp-ip:21122 comp.unix.bsd:9148 Path: sserve!manuel.anu.edu.au!munnari.oz.au!sgiblab!spool.mu.edu!uwm.edu!ogicse!flop.ENGR.ORST.EDU!gaia.ucs.orst.edu!gecko.oes.orst.edu!matt From: matt@gecko.oes.orst.edu (Matt Curfman) Newsgroups: comp.protocols.tcp-ip,comp.unix.bsd Subject: Re: Limiting Telnet access. Message-ID: <1gt45tINNprl@gaia.ucs.orst.edu> Date: 18 Dec 92 18:10:05 GMT Article-I.D.: gaia.1gt45tINNprl References: <1992Dec17.230214.16501@vector.dallas.tx.us> Organization: Oregon State University, Corvallis OR USA Lines: 46 NNTP-Posting-Host: ra-box.wtfd.orst.edu In article <1992Dec17.230214.16501@vector.dallas.tx.us> tbo@vector.dallas.tx.us (Terry Bohaning) writes: >I've recently become very concerned about the security of many of >the Unix workstations under my care. Some of the users are overly >free with their passwords and I would really like to limit access >to the systems. > >Has anyone modified the telnet daemon to include to capability >for an allow/deny file. What I'm thinking of is a way to prevent >any machine not listed in an allow file or every machine except >those listed in a deny file from telneting into our machines. > >I've gotten the BSD Net 2 sources and have started looking at them, >but wondered if anyone else has already tried this yet. > >Your comments please...... > >Terry Bohaning tbo@vector.dallas.tx.us I have installed on my 386bsd machine a package called wrapper. From the Readme: --o-- This package provides a couple of tiny programs that monitor incoming requests for IP services such as TFTP, EXEC, FTP, RSH, TELNET, RLOGIN, FINGER, SYSTAT, and many others. Optional features are: access control based on pattern matching; remote username lookup using the RFC 931 protocol; protection against rsh and rlogin attacks from hosts that pretend to have someone elses name. <deleted> Wietse Venema (wietse@wzv.win.tue.nl), Department of Mathematics and Computing Science, Eindhoven University of Technology, The Netherlands. --o-- I have placed a copy of wrapper.tar.Z on anonymous ftp at oes.orst.edu in /pub/386bsd/wrapper.tar.Z. There are many other sites for this software as well. -mc _____________________________________________________________________________ Matt Curfman Almanac Information Archivist matt@gecko.oes.orst.edu Oregon State University Extension