Date: Tue, 24 Aug 1999 11:24:09 -0400 From: Christopher Michaels <ChrisMic@clientlogic.com> To: "'cjclark@home.com'" <cjclark@home.com>, andy0383@twcny.rr.com Cc: freebsd-questions@FreeBSD.ORG Subject: RE: Block port 21? Message-ID: <6C37EE640B78D2118D2F00A0C90FCB4401105BD7@site2s1>
next in thread | raw e-mail | index | archive | help
Is ftpd complied with the tcp wrappers? And if so, could he just put allow and deny rules in his /etc/hosts.allow and /etc/hosts.deny files. On a similar note, can someone explain to me exactly how these work, am I supposed to have one or both? Because I couldn't get my machine to deny service to anything not in hosts.allow until I explicitly denied access to everything in hosts.deny. -Chris > -----Original Message----- > From: Crist J. Clark [SMTP:cjc@cc942873-a.ewndsr1.nj.home.com] > Sent: Monday, August 23, 1999 11:30 PM > To: andy0383@twcny.rr.com > Cc: freebsd-questions@FreeBSD.ORG > Subject: Re: Block port 21? > > A Minkstein wrote, > > How do I set the firewall permissions to block port 21 so people can't > access my ftp? > > If you don't want anyone ever accessing ftp on a given machine, just > comment out the ftpd line in /etc/inetd.conf, then, > > # kill -HUP `cat /var/run/inetd.pid` > > To reload the file. Note this does not efffect your ability to ftp out > of your box. > > If you are closing out a specific set of hosts while allowing others, > or blocking external ftp into a subnet, firewalling is the better way > to go. The rule would be something along the lines of, > > # /sbin/ipfw add deny tcp from <external world> to <protected machine(s)> > ftp > -- > Crist J. Clark cjclark@home.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6C37EE640B78D2118D2F00A0C90FCB4401105BD7>