Date: Fri, 26 Aug 2005 11:40:43 +1000 From: freebsd-questions@auscert.org.au To: freebsd-questions@freebsd.org Cc: "albi@scii.nl" <albi@scii.nl> Subject: Re: Illegal access attempt - FreeBSD 5.4 Release - please advise Message-ID: <200508260140.j7Q1ehvA013284@app.auscert.org.au> In-Reply-To: Your message of "Fri, 26 Aug 2005 00:48:11 %2B0200." <20050826004811.7d730f7c.albi@scii.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Fri, 26 Aug 2005 00:24:48 +0200 > Maarten Sanders <maarfree@xs4all.nl> wrote: > > > Nice suggestion, but how do I enable tcp_wrappers with sshd? > > from > http://lists.freebsd.org/pipermail/freebsd-security/2004-September/002351.htm > l > > in /usr/src/crypto/openssh/config.h > find the line : > /* Define if you want TCP Wrappers support */ > enable it, rebuild etc. This is the default, so no need to rebuild - you just have to tighten up your /etc/hosts.allow. Instead of the default: ALL : ALL : allow try (eg if you have a host 192.168.1.1): sshd : 192.168.1.1 : allow ALL : ALL : deny joel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508260140.j7Q1ehvA013284>