how to deny user from accessing FTP service using /etc/hosts.deny in redhat 6
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
"user" and hosts.deny is not typical, not like peanut butter & jelly.
i am not a big user of hosts.deny/allow,
typically hosts.deny/allow use hostnames or IP. however, maybe a way to mix "user" in with hosts.deny/allow is to use hosts.allow with something like "in.ftpd ALL:" and spawn a script that reads a file "not-allowed-ftp-users" and then finds a ftpd PID that matches username from file list and then kill the PID.
sounds like it can work, just not sure if this is what you are needing, meaning there are other better ways to handle such, but you asked about hosts.deny, etc.
The OP specifically asked about using TCP wrappers..wouldn't it be best to address the need? And the thread you directed to is ten years old...quite a bit has changed.
Redhat 6 is more than 10 years old (though I concede that he may have meant RHEL 6 rather than Redhat 6) and TCP wrappers isn't the correct way block specific users from FTP (in many cases, it's not even possible). If you want to block specific users then you need to blacklist them in the FTP server settings (as the guy you quoted correctly advised)
if it is RH6 then it should not be still connected to the net
Indeed, but you'd be amazed at some of the old systems that are still in use (in my last job, there was a Win95 desktop still being used as a web terminal for secure payments - in fact it's probably still in use :-/ )