Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!nntp.coast.net!zombie.ncsc.mil!news.mathworks.com!newsfeed.internetmci.com!newsreader.sprintlink.net!news.sprintlink.net!news-fw-12.sprintlink.net!news.tcd.net!jeremy From: jeremy@vcn.com (Jeremy Malli) Newsgroups: comp.unix.bsd.bsdi.misc Subject: Re: Tcp Wrapper Date: Sun, 14 Jul 1996 14:18:07 -0600 Organization: Visionary Communications Lines: 21 Message-ID: <jeremy-1407961418070001@news.tcd.net> References: <31E5C432.3A25@soonet.ca> NNTP-Posting-Host: quantum.vcn.com Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Newsreader: Yet Another NewsWatcher 2.2.0b13 TCP Wrapper only limits access to certain ports, if you think of the regular telnet port as port 23, and you have access limited to only your domain, then anyone outside your domain who tries to access port 23 will be denied. But if someone tries to access say port 110 (popper) they will be able to, unless you've denied them access in your hosts.deny. The easiest way, in my experience, to set up TCP Wrapper is to deny service to everyone and then in your hosts.allow, only allow your domain, and any other domain you want, access to the services they need... In article <31E5C432.3A25@soonet.ca>, Don Joy <joydon@soonet.ca> wrote: > I'm using bsd 2.1 and i'm running tcp wrapper to limit who can access > services, especially telnet. It works great except if someone telnets > in using a port parameter such as "telnet host 119". In this case, the > access list seems to be bypassed entirely and they are givin access > where they wouldn't normally have been. Anyone have a workaround for > this. Thanks. > -- > Don Joy > System Administrator > SooNet Corp.