LinuxQuestions.org
Old 07-25-2007, 08:25 PM   #1
shankarLe
Member
 
Registered: Apr 2006
Location: Hyderabad,India
Distribution: RedHat EL 4
Posts: 31

Rep: Reputation: Disabled
How to block access to certain services


Hello,

I have a RedHat 4 ES box with all services installed (web, ftp, mail). Can anybody tell me how to block certain hosts or IP addresses from accessing services on my box? For example, I need to block these hosts (192.168.0.1 and 192.168.0.2) from accessing any services (mainly sshd) on my box, while others can have access. Is this possible via IP tables or TCP wrappers? Please explain with examples...

Thanks
 
Old 07-25-2007, 11:23 PM   #2
shadowsnipes
Senior Member
 
Registered: Sep 2005
Distribution: Slackware
Posts: 1,443

Rep: Reputation: 74
Yes you can do all of that with either a firewall or TCP wrappers. For examples on TCP wrappers check out

http://docsrv.sco.com/NET_tcpip/filt...p_wrap_ex.html
http://linux.about.com/od/commands/l...stsde.htm?rd=1
(both easily found with google)

For setting up a linux firewall I recommend using a program such as firestarter. Once the firewall is set up you don't actually have to use the program anymore. Firestarter also has this nice feature that allows you to see hits on your firewall as they happen and allows you to easily modify your firewall based upon the information you gather from the event. If you would rather do it the manual way then I suggest checking out a page such as http://tldp.org/HOWTO/Firewall-HOWTO.html.

I personally just use TCP wrappers to deny everything unless explicitly allowed (ALL:ALL in hosts.deny) and then use a firewall to do the rest.
 
Old 07-27-2007, 03:31 AM   #3
shankarLe
Member
 
Registered: Apr 2006
Location: Hyderabad,India
Distribution: RedHat EL 4
Posts: 31

Original Poster
Rep: Reputation: Disabled
Thanks!!

Thank you for your information!! That firestarter firewall is certainly good.
 
Old 07-27-2007, 04:35 AM   #4
brianmcgee
Member
 
Registered: Jun 2007
Location: Munich, Germany
Distribution: RHEL, CentOS, Fedora, SLES (...)
Posts: 399

Rep: Reputation: 40
To find out whether you could use tcp_wrapper with your application, try this one:

Code:
# ldd $(which sendmail) | grep libwrap.so >/dev/null; let "ans= ! $?"; echo $ans
1
# ldd $(which postfix) | grep libwrap.so >/dev/null; let "ans= ! $?"; echo $ans
0
If the program is linked with libwrap.so (==1) then tcp_wrapper will work. Else it won't (==0).
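Added example, not part of the thread or any poster's code: it combines the libwrap check from post #4 with the question in post #1, printing a hosts.deny line when a daemon is linked with libwrap and iptables DROP rules when it is not. The function names, the smtpd/port 25 case and the sample ldd output are constructed for illustration; the rules are only printed, never installed.

```shell
#!/bin/sh
# Added example: choose TCP wrappers or iptables per daemon, based on
# whether the daemon is linked with libwrap.so (the check from post #4).
# Rules are printed only; nothing is written to /etc or loaded.

BLOCKED="192.168.0.1 192.168.0.2"   # hosts named in the question

# Succeeds if the ldd output on stdin lists libwrap.so.
links_libwrap() {
    grep -q 'libwrap\.so'
}

# block_rules DAEMON PORT LDD_OUTPUT
#   DAEMON      name used in hosts.deny
#   PORT        TCP port the daemon listens on
#   LDD_OUTPUT  text printed by `ldd /path/to/daemon`
block_rules() {
    daemon=$1 port=$2 ldd_out=$3
    if printf '%s\n' "$ldd_out" | links_libwrap; then
        # One /etc/hosts.deny line covers every blocked host.
        # hosts.allow is consulted first, so an allow entry that
        # matches these hosts would override this line.
        printf '%s: %s\n' "$daemon" "$BLOCKED"
    else
        # No libwrap: hosts.deny is never consulted, so filter packets.
        for ip in $BLOCKED; do
            printf 'iptables -I INPUT -s %s -p tcp --dport %s -j DROP\n' \
                "$ip" "$port"
        done
    fi
}

# Constructed ldd output (assumption, not captured from a real host).
LDD_SSHD='	libwrap.so.0 => /usr/lib/libwrap.so.0 (0x00b5c000)
	libc.so.6 => /lib/tls/libc.so.6 (0x0072a000)'
LDD_SMTPD='	libc.so.6 => /lib/tls/libc.so.6 (0x0072a000)'

block_rules sshd 22 "$LDD_SSHD"
block_rules smtpd 25 "$LDD_SMTPD"
```

On a live system the third argument would come from the real binary, for example `block_rules sshd 22 "$(ldd "$(which sshd)")"`.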
 
  


All times are GMT -5.