As with HP/UX you should be able to allow/deny access to any
     service listed in the services file (not sure where it is on 5.0 or
     5.5 we're still on 4.0.
 
 
______________________________ Reply Separator _________________________________
Subject: Re[2]: tcpwrapper
Author:  [log in to unmask] at HMS-Internet
Date:    8/21/96 1:38 PM
 
 
 In <[log in to unmask]> [log in to unmask] writes:
 
> On Tue, 20 Aug 1996 21:23:45 -0500 Bruce Senn said:
> >Does anyone know whether tcpwrapper exists for the HP3000?  If so
> >where?
>
> It doesn't that I know of, but more importantly, it wouldn't do much good.
> The tcpwrapper code is designed to be invoked as a top-level inetd shell on
> services controlled by inetd.  As the only services under control of inetd on
> MPE/iX (5.5 and above; moot point if < 5.5) are telnet, bootp, and tftp, it
> doesn't buy you much.  It buys you even less given that telnet doesn't have
> a true shell, but rather is implemented as an "internal" service to inetd.
>
> On the plus side, you can provide firewall-type (not true firewall, mind
> you, so don't nitpick me on that one!) security for telnet sessions since
> the 5.5 inetd does provide support for /usr/adm/inetd.sec file as HP-UX does.
> You can selectively permit or deny access based on domain names or network
> numbers.  That part is *extremely* slick :-)
>
> Jeff Kell <[log in to unmask]>
 
Thanks, Jeff, I'll be looking at the features of 5.5.  Are there any
similar methods to restrict ftp access?
 
Bruce.
 
----------------------------------------------------------------------
   Bruce J. Senn                             Phone:  (518) 388-6664
   Senior System Manager                     FAX:    (518) 388-6458
   Union College                   Internet:  [log in to unmask]
   Schenectady, NY 12308
----------------------------------------------------------------------