Date:      Fri, 19 May 2006 18:55:52 -0700
From:      jekillen <jekillen@prodigy.net>
To:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   hosts.allow and ssh problem
Message-ID:  <6b8ab79d578aec086fb10590dee29616@prodigy.net>

Hello all;
I am trying to deny ftp access to my web site from outside. I have two NICs on the server and access it from the inside network via one and serve to the public on the other.
I tried to write a rule in hosts.allow to deny ftp connections to the public IP address, which has worked. But a side effect is that I can now not connect from local machines via ssh. I reverted back to 'ALL : all ; allow' to confirm that that was indeed why ssh started refusing connections, as it now will accept connections. I even ssh'd to one machine and, while in that shell, ssh'd to the server and got in to the server via another machine on the local network.
I am concerned because I have had repeated attempts to log in to the server over ftp from outside. I do all the development and posting from the local network, so there is no reason whatsoever for anyone from the outside to get ftp access to my site.
How can I do this in hosts.allow?
A few nights ago I noticed odd activity on the router (LEDs going bananas), so I did tcpdump on the server and saw a great deal of ftp activity that didn't look right, from foreign addresses. I shut the web server and the secondary DNS server down while I dug through Absolute FreeBSD to get some direction.
I can live with ssh refusing local connections, but I don't think it should be that way.
Thanks in advance;
JK
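
Added example, not part of the original message: a hosts.allow layout that scopes the ftp restriction to ftpd so that sshd is left alone. TCP wrappers stop at the first rule that matches, so each rule names its daemon explicitly. The addresses are constructed placeholders (203.0.113.10 for the public interface, 192.168.1.0/255.255.255.0 for the inside network), and the example assumes ftpd is started from inetd with wrapping enabled and sshd is built with libwrap support.

```conf
# /etc/hosts.allow -- rules are read top to bottom; the first match wins.
# All addresses below are constructed placeholders, not taken from the post.

# Refuse ftp on the public interface for every client.
# The daemon@host form matches the server address the connection arrived on.
ftpd@203.0.113.10 : ALL : deny

# Permit ftp from the inside network only, then refuse everyone else.
ftpd : 192.168.1.0/255.255.255.0 : allow
ftpd : ALL : deny

# ssh has its own rules, so the ftpd lines above never apply to it.
sshd : 192.168.1.0/255.255.255.0 : allow
sshd : ALL : deny

# Do not place a catch-all such as "ALL : ALL : allow" above these lines:
# it would match first and nothing after it would be evaluated.
```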