Security Basics mailing list archives
Re: restricting telnet via username
From: "Gabriel Orozco" <gabriel_orozco () mx sumida com>
Date: Wed, 3 Mar 2004 07:52:59 -0600
Hello Varma proftp, as well as wu-ftpd (do not use wu-ftpd !) and I am not certain of vsftpd and pureftpd can restrict ftp access to users that do not have a valid shell account. you also have the file /etc/ftpusers, where you can add a username and then such username will not be able to enter via ftp. hope this helps. Gabriel ----- Original Message ----- From: "mahendra varma" <varma_yadavali () yahoo com> To: "Gabriel Orozco" <gabriel_orozco () mx sumida com> Sent: Wednesday, March 03, 2004 3:53 AM Subject: Re: restricting telnet via username
hi i would like to know how to restrict ftp access to particular user thanks in advance varma --- Gabriel Orozco <gabriel_orozco () mx sumida com> wrote:I think it's more or less simple: for telnet / ssh, you only need to put a valid shell in /etc/passwd to enable telnet. if you want to disable it, put /bin/false or an invalid shell (the first it's my regular choice. do not forget to add /bin/false to /etc/shells if you do not have it already there) Gabriel Orozco Sysadmin SAM/IT ----- Original Message ----- From: "Gregory Dunlap" <gtdunlap () midsouth rr com> To: "security-basics" <security-basics () securityfocus com> Sent: Friday, February 27, 2004 10:55 PM Subject: restricting telnet via usernameHello all, I'm attempting to restrict a telnet session of agroup of users whoneed to run one application on a server. Theylogin via telnet and thatis the only option at the moment. They need torun a shell script andthen that will launch the app. I've set the shellfor these users tothe shell script so they won't have access toanything but this app. Iwould like to restrict the telnet daemon furtherto allow only certainuser names so they can't do a brute force attack.In sshd_config I'veaways used allowd users setting but I don't seethat in the hpux telnetconfig. Any help would be greatly appreciated. Thanks, Greg---------------------------------------------------------------------------------------------------------------------------------------------------------- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.600 / Virus Database: 381 - Release Date: 28/02/2004--------------------------------------------------------------------------
-
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial athttp://www.securityfocus.com/sponsor/Astaro_security-basics_040301--------------------------------------------------------------------------
--
__________________________________ Do you Yahoo!? Yahoo! Search - Find what you're looking for faster http://search.yahoo.com
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040303 ----------------------------------------------------------------------------
Current thread:
- restricting telnet via username Gregory Dunlap (Mar 01)
- Re: restricting telnet via username Ansgar -59cobalt- Wiechers (Mar 01)
- Re: restricting telnet via username Gabriel Orozco (Mar 02)
- RE: restricting telnet via username Aditya, ALD [Aditya Lalit Deshmukh] (Mar 03)
- RE: restricting telnet via username Gregory Dunlap (Mar 04)
- Re: restricting telnet via username Bob Radvanovsky (Mar 04)
- RE: restricting telnet via username Gregory Dunlap (Mar 04)
- <Possible follow-ups>
- Re: restricting telnet via username Justin_Andrusk (Mar 01)
- Re: restricting telnet via username Gabriel Orozco (Mar 03)
- RE: restricting telnet via username Todd Fencl (Mar 04)
- RE: restricting telnet via username Bully Cillóniz (Mar 04)