Do you mean something like:
This blocks everything except a few IP's and firewall devices/modems. Is this what you mean? However, may the UNIX gods help you maintaining an acl list of 7700 ip's manually. Answer to your question: yes it will block everything you want.
Hi all
I'm using an AIX 5 machine.
I'm trying to telnet from this machine to another Aix machine.
When I use the "root" user - Everything works.
I can telnet successfully the other machine
When I use another user but root - I can't telnet the machine:
noah@logist:/home/noah>telnet aixtst... (2 Replies)
OK, let see, i have a Tru64 Unix and need to know how the list of ftp users works and in /etc/ftpusers we have the unauthorized users but when we create a new user i want this users put automatic for deny access .....
where i set when creation of users action put automatic the user in that file?... (1 Reply)
Each thread has a copy of auto variables within a function, but variables
declared as static within a function are common to all threads. To circumvent
this can static variables be placed outside the function. If so, will the
scope of the variable be file only or will it be extern, and will each... (7 Replies)
Hi,
I have to forbid root-logins on all my servers, expect from two machines, these 2 machines login with root without a password
it was quite easy with ssh, but I have a problem regarding rsh/rlogin, an there
are a lot of rsh jobs, so it would take a lot of time to change all this... (4 Replies)
Hello everyone
I have to limit the root logins on my aix box (aix 5.3)
I change the value on the /etc/security/user
default (login and rlogin) change to false
and add to root (rlogin and login = false)
I tried in different ways but I got the same.
Root still can login
I try algo... (6 Replies)
Hello I want to block individuals who attempt to use ssh to loggon to one of my machines from a certain IP address. I added the following entry in hosts.deny. Will the entry do what I want to do?
ssh: 202.111.128.225 (3 Replies)
Dear AIX/UNIX experts:
I have a demand to restricted a file to be copy by others, but this file must can be read by others/Applications.
As I tried, the chmod command cannot fulfill this requirement. But not sure if the ACL can achieve this function or not ?
Could anybody give me your... (8 Replies)
Is there a way to deny access to a specific remote login option.
example:
usera--deny telnet access but keep rsh and rlogin
userb--keeps telnet, rsh, and rlogin
I'm basically trying to contol the access per services instead of changing the LOGIN REMOTELY(rsh,tn,rlogin) option to yes or no. (12 Replies)
Hi there,
For /etc/hosts.deny was it used to deny access from the internet? (2 Replies)
Discussion started by: alvinoo
2 Replies
LEARN ABOUT DEBIAN
squid_radius_auth
squid_radius_auth(8) System Manager's Manual squid_radius_auth(8)NAME
squid_radius_auth - Squid RADIUS authentication helper
SYNOPSIS
squid_radius_auth -f configfile
squid_radius_auth -h "server" [-p port] [-i identifier] -w secret
DESCRIPTION
This helper allows Squid to connect to a RADIUS server to validate the user name and password of Basic HTTP authentication.
-f configfile
Specifies the path to a configuration file. See the CONFIGURATION section for details.
-h server
Alternative method of specifying the server to connect to
-p port
Specify another server port where the RADIUS server listens for requests if different from the default RADIUS port. Normally not
specified.
-i identifier
Unique identifier identifying this Squid proxy to the RADIUS server. If not specified the IP address is used as to identify the
proxy.
-w secret
Alternative method of specifying the shared secret. Using the configuration file is generally more secure and recommended.
-t timeout
RADIUS request timeout. Default 10 seconds.
CONFIGURATION
The configuration specifies how the helper connects to RADIUS. The file contains a list of directives (one per line). Lines beginning with
a # is ignored.
server radiusserver
specifies the name or address of the RADIUS server to connect to.
secret somesecretstring
specifies the shared RADIUS secret.
identifier nameofserver
specifies what the proxy should identify itsels as to the RADIUS server. This directive is optional.
port portnumber
Specifies the port number or service name where the helper should connect.
AUTHOR
This manual page was written by Henrik Nordstrom <hno@squid-cache.org>
squid_radius_auth is written by Marc van Selm <selm@cistron.nl> with contributions from Henrik Nordstrom <hno@squid-cache.org> and many
others
QUESTIONS
Any questions on usage can be sent to Squid Users <squid-users@squid-cache.org>, or to your favorite RADIUS list/friend if the question is
more related to RADIUS than Squid.
REPORTING BUGS
Report bugs or bug-fixes to Squid Bugs <squid-bugs@squid-cache.org> or ideas for new improvements to Squid Developers <squid-dev@squid-
cache.org>
SEE ALSO
RFC2058 - Remote Authentication Dial In User Service (RADIUS)
Squid RADIUS Auth 7 August 2004 squid_radius_auth(8)