TCP Wrappers TCP Wrappers (/usr/sbin/tcpd) can be used to deny connection based on IP address. $ cat /etc/hosts.deny ALL: ALL $ cat /etc/hosts.allow ALL: 127.0.0.1/8 ssh: *.example.com EXCEPT doug.example.com ssh: @local_netgroup # Allow secure pop anywhere, cleartext locally only pop3s: ALL pop3: 172.16.0.0/24
Copyright 2003, Bri Hatch of Onsight, Inc.
Presented at ISSA Puget Sound, 2003.
Presentation created using vim and MagicPoint.