From owner-freebsd-questions Tue Aug 24 9:30:27 1999 Delivered-To: freebsd-questions@freebsd.org Received: from ns.clientlogic.com (ns.clientlogic.com [207.51.66.75]) by hub.freebsd.org (Postfix) with ESMTP id 65B6E15FC3 for ; Tue, 24 Aug 1999 09:29:04 -0700 (PDT) (envelope-from ChrisMic@clientlogic.com) Received: by site0s1 with Internet Mail Service (5.5.2448.0) id ; Tue, 24 Aug 1999 11:21:33 -0400 Message-ID: <6C37EE640B78D2118D2F00A0C90FCB4401105BD7@site2s1> From: Christopher Michaels To: "'cjclark@home.com'" , andy0383@twcny.rr.com Cc: freebsd-questions@FreeBSD.ORG Subject: RE: Block port 21? Date: Tue, 24 Aug 1999 11:24:09 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Is ftpd complied with the tcp wrappers? And if so, could he just put allow and deny rules in his /etc/hosts.allow and /etc/hosts.deny files. On a similar note, can someone explain to me exactly how these work, am I supposed to have one or both? Because I couldn't get my machine to deny service to anything not in hosts.allow until I explicitly denied access to everything in hosts.deny. -Chris > -----Original Message----- > From: Crist J. Clark [SMTP:cjc@cc942873-a.ewndsr1.nj.home.com] > Sent: Monday, August 23, 1999 11:30 PM > To: andy0383@twcny.rr.com > Cc: freebsd-questions@FreeBSD.ORG > Subject: Re: Block port 21? > > A Minkstein wrote, > > How do I set the firewall permissions to block port 21 so people can't > access my ftp? > > If you don't want anyone ever accessing ftp on a given machine, just > comment out the ftpd line in /etc/inetd.conf, then, > > # kill -HUP `cat /var/run/inetd.pid` > > To reload the file. Note this does not efffect your ability to ftp out > of your box. > > If you are closing out a specific set of hosts while allowing others, > or blocking external ftp into a subnet, firewalling is the better way > to go. The rule would be something along the lines of, > > # /sbin/ipfw add deny tcp from to > ftp > -- > Crist J. Clark cjclark@home.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message