Subject: | |
From: | |
Reply To: | |
Date: | Wed, 21 Aug 1996 13:40:00 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
As with HP/UX you should be able to allow/deny access to any
service listed in the services file (not sure where it is on 5.0 or
5.5 we're still on 4.0.
______________________________ Reply Separator _________________________________
Subject: Re[2]: tcpwrapper
Author: [log in to unmask] at HMS-Internet
Date: 8/21/96 1:38 PM
In <[log in to unmask]> [log in to unmask] writes:
> On Tue, 20 Aug 1996 21:23:45 -0500 Bruce Senn said:
> >Does anyone know whether tcpwrapper exists for the HP3000? If so
> >where?
>
> It doesn't that I know of, but more importantly, it wouldn't do much good.
> The tcpwrapper code is designed to be invoked as a top-level inetd shell on
> services controlled by inetd. As the only services under control of inetd on
> MPE/iX (5.5 and above; moot point if < 5.5) are telnet, bootp, and tftp, it
> doesn't buy you much. It buys you even less given that telnet doesn't have
> a true shell, but rather is implemented as an "internal" service to inetd.
>
> On the plus side, you can provide firewall-type (not true firewall, mind
> you, so don't nitpick me on that one!) security for telnet sessions since
> the 5.5 inetd does provide support for /usr/adm/inetd.sec file as HP-UX does.
> You can selectively permit or deny access based on domain names or network
> numbers. That part is *extremely* slick :-)
>
> Jeff Kell <[log in to unmask]>
Thanks, Jeff, I'll be looking at the features of 5.5. Are there any
similar methods to restrict ftp access?
Bruce.
----------------------------------------------------------------------
Bruce J. Senn Phone: (518) 388-6664
Senior System Manager FAX: (518) 388-6458
Union College Internet: [log in to unmask]
Schenectady, NY 12308
----------------------------------------------------------------------
|
|
|