From owner-freebsd-questions Thu Jul 26 17:32: 5 2001 Delivered-To: freebsd-questions@freebsd.org Received: from nebula.anchoragerescue.org (cable-115-7-237-24.anchorageak.net [24.237.7.115]) by hub.freebsd.org (Postfix) with ESMTP id 4FB3B37B405 for ; Thu, 26 Jul 2001 17:31:51 -0700 (PDT) (envelope-from akbeech@anchoragerescue.org) Received: from galaxy.anchoragerescue.org (galaxy.anchoragerescue.org [24.237.7.95]) by nebula.anchoragerescue.org (Postfix) with SMTP id 3C585D3; Thu, 26 Jul 2001 16:31:44 -0800 (AKDT) Content-Type: text/plain; charset="iso-8859-1" From: Beech Rintoul To: Erin Fortenberry , "'G D McKee'" , Lee Mark Mercado Subject: Re: login access Date: Thu, 26 Jul 2001 16:31:44 -0800 X-Mailer: KMail [version 1.2] Cc: freebsd-questions@FreeBSD.ORG References: In-Reply-To: MIME-Version: 1.0 Message-Id: <01072616314400.00796@galaxy.anchoragerescue.org> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thursday 26 July 2001 10:54 am, Erin Fortenberry wrote: > > Put a # in front of the relevant lines in your etc/inetd.conf > > file. Then HUP inetd. > > This is going to block all people from being able to have access via those > ports. What I would do (and have done) to build a firewall (ipf, ipfw, > etc.) and block any open ports to the machine. You need to remove telnet > anyways, or at least fix it. I would suggest running an ssh daemon like > openssh, you can build it out of the ports. > > Blocking ports is only the beginning of actually securing the machine. You > need to add users with using a shell that will not give them access such as > /bin/nologin. You can also add users to the /etc/ftpusers file to block > their being able to use ftp. > > > Erin ssh is now part of the base dist. Just update to the latest 4-STABLE. Beech > > Gordon > > > > ----- Original Message ----- > > From: "Lee Mark Mercado" > > To: > > > > > how could i deny login from FTP, TELNET - allowing only > > > > POP3 access ? > > > > > please help. thx> > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Micro$oft: "Where can we make you go today?" ------------------------------------------------------------------- Beech Rintoul - IT Manager - Instructor - akbeech@anchoragerescue.org /"\ ASCII Ribbon Campaign | Anchorage Gospel Rescue Mission \ / - NO HTML/RTF in e-mail | P.O. Box 230510 X - NO Word docs in e-mail | Anchorage, AK 99523-0510 / \ ----------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message