Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: restricting telnet via username

From: "Gabriel Orozco" <gabriel_orozco () mx sumida com>
Date: Wed, 3 Mar 2004 07:52:59 -0600
Hello Varma

proftp, as well as wu-ftpd (do not use wu-ftpd !) and I am not certain of
vsftpd and pureftpd can restrict ftp access to users that do not have a
valid shell account. you also have the file /etc/ftpusers, where you can add
a username and then such username will not be able to enter via ftp.

hope this helps.
Gabriel

----- Original Message -----
From: "mahendra varma" <varma_yadavali () yahoo com>
To: "Gabriel Orozco" <gabriel_orozco () mx sumida com>
Sent: Wednesday, March 03, 2004 3:53 AM
Subject: Re: restricting telnet via username




hi

i would like to know how to restrict ftp access to
particular user

thanks in advance
varma
--- Gabriel Orozco <gabriel_orozco () mx sumida com>
wrote:

I think it's more or less simple:

for telnet / ssh, you only need to put a valid shell
in /etc/passwd to
enable telnet. if you want to disable it, put
/bin/false or an invalid shell
(the first it's my regular choice. do not forget to
add /bin/false to
/etc/shells if you do not have it already there)

Gabriel Orozco
Sysadmin
SAM/IT

----- Original Message -----
From: "Gregory Dunlap" <gtdunlap () midsouth rr com>
To: "security-basics"
<security-basics () securityfocus com>
Sent: Friday, February 27, 2004 10:55 PM
Subject: restricting telnet via username



Hello all,
  I'm attempting to restrict a telnet session of a

group of users who

need to run one application on a server.  They

login via telnet and that

is the only option at the moment.  They need to

run a shell script and

then that will launch the app.  I've set the shell

for these users to

the shell script so they won't have access to

anything but this app.  I

would like to restrict the telnet daemon further

to allow only certain

user names so they can't do a brute force attack.

In sshd_config I've

aways used allowd users setting but I don't see

that in the hpux telnet

config.  Any help would be greatly appreciated.

Thanks,
Greg






--------------------------------------------------------------------------

-





--------------------------------------------------------------------------

--






---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system
(http://www.grisoft.com).
Version: 6.0.600 / Virus Database: 381 - Release
Date: 28/02/2004




--------------------------------------------------------------------------

-

Free 30-day trial: firewall with virus/spam
protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam
and other risks with Astaro
Security Linux, the comprehensive security solution
that combines six
applications in one software solution for ease of
use and lower total cost of
ownership.

Download your free trial at


http://www.securityfocus.com/sponsor/Astaro_security-basics_040301



--------------------------------------------------------------------------

--





__________________________________
Do you Yahoo!?
Yahoo! Search - Find what you're looking for faster
http://search.yahoo.com




---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040303
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: