Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: how to deny ftp access
Operating Systems Solaris how to deny ftp access Post 302202572 by bullz26 on Thursday 5th of June 2008 06:45:13 AM
Old 06-05-2008
If you went to compleatly deny for the entire box
plz do the needful as mentioned below.

cd /etc
vi inetd.conf


# FTPD - FTP server daemon
#ftp stream tcp6 nowait root /usr/sbin/in.ftpd in.ftpd -a# SunVTS Daemon
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

ftp access problem

Hello, I am trying to access the remote redhat linux server from a windows 2000 machine thro ftp, but i am getting the error ie connection timed out. FTP service is running on the server. since ftp is working locally. And also i can able to ping to remote server also. Still i am getting... (1 Reply)
Discussion started by: bache_gowda
1 Replies

2. UNIX for Dummies Questions & Answers

ftp allow/deny list

OK, let see, i have a Tru64 Unix and need to know how the list of ftp users works and in /etc/ftpusers we have the unauthorized users but when we create a new user i want this users put automatic for deny access ..... where i set when creation of users action put automatic the user in that file?... (1 Reply)
Discussion started by: wbendek
1 Replies

3. UNIX for Dummies Questions & Answers

FTP Access

How to restrict ftp user to move to the parent directory of his home directory. Any suggestions will be appreciated. O.S Sun solaris Regards (3 Replies)
Discussion started by: sehgalniraj
3 Replies

4. IP Networking

how to deny someone to use ftp command ?

hi,all, i have a question to trouble you. a workstation named AAA, and open the ftp services to permit user download and upload files. i have root password. a pc install windows 2k named BBB, someone install a serv-u ftp ( a ftp server software ) to transfer data. i don't have the... (4 Replies)
Discussion started by: yarx
4 Replies

5. UNIX for Dummies Questions & Answers

FTP access

Folks; I'm working on building ACL for our Solaris 10 box. I'm going to use LDAP for authentication. We have a mounted drive on that server & users would like to be able to write to it. We need to restrict the write access to that mounted drive on the box to be only through FTP, so if they... (13 Replies)
Discussion started by: Katkota
13 Replies

6. Shell Programming and Scripting

how i can make one ip access to ftp account and deny others

HI I want to make only one IP can access to ftp acount in cpanel or by shell can any body help me ? (1 Reply)
Discussion started by: elkadrey
1 Replies

7. AIX

Does ACL can only grant/deny access for specific command?

Dear AIX/UNIX experts: I have a demand to restricted a file to be copy by others, but this file must can be read by others/Applications. As I tried, the chmod command cannot fulfill this requirement. But not sure if the ACL can achieve this function or not ? Could anybody give me your... (8 Replies)
Discussion started by: devyfong
8 Replies

8. Emergency UNIX and Linux Support

Configure Squid to use LDAP group auth to deny internet access

Hi all We have squid-2.5.STABLE11-3.FC4 running in our environment. LDAP authentication works fine. Active Directory 2003 Users are prompted to enter credentials every time they access the net. The system works perfectly, but I need to configure Squid to block users in a specific AD group.... (1 Reply)
Discussion started by: wbdevilliers
1 Replies

9. Web Development

Deny access from all users, except PHP application installed in same domain

Hi to all, Please, some help over here. IŽll try to be as much clear I can. In summary my problem is: I have a PHP application installed in a folder of my domain that reads CSV.txt files from another folder in my domain and I need to restrict direct access to see and download these CSV.txt... (0 Replies)
Discussion started by: cgkmal
0 Replies

10. AIX

ftp access without shell access

Hi all, I'm using AIX v 5.3 I want to create system users to access through ftp or sftp and restrict those users into specific directory and don't traverse the whole file system just to be restricted within a directory and don't get shell access . i don't want to use any other third party... (7 Replies)
Discussion started by: h@foorsa.biz
7 Replies

LEARN ABOUT OSF1

inetd.conf

inetd.conf(4)						     Kernel Interfaces Manual						     inetd.conf(4)

NAME

       inetd.conf, inetd.conf.local - The default configuration files for the inetd daemon

SYNOPSIS

       The default configuration file for all cluster members is: /etc/inetd.conf

       The configuration file for a specific member in a cluster is: /etc/inetd.conf.local

       The inetd.conf.local file is a Context-Dependent Symbolic Link (CDSL) and must be maintained as such.  See the System Administration manual
       for more information.

DESCRIPTION

       If the inetd daemon is started without specifying an alternate  configuration  file,  the  inetd  daemon  reads	the  inetd.conf  file  and
       inetd.conf.local  file,	in this order, for information on how to handle Internet service requests.  For this reason, if an entry exists in
       both configuration files, the entry in /etc/inetd.conf.local overrides the entry in /etc/inetd.conf.

       The inetd daemon reads its configuration files only when the inetd daemon starts or when the inetd daemon receives a SIGHUP  signal.   Each
       line in theinetd configuration files defines how to handle one Internet service request.

       Each line is of the form: ServiceName SocketType ProtocolName Wait/NoWait UserName 
			      ServerPath  ServerArgs  (Note:  The backslash and the continuation of information on to a second line is for display
       purposes only. In the configuration file, the entries appear on a single line.)

       These fields must be separated by spaces or tabs.  Continuation lines are terminated with a  (backslash).  Comments are denoted with  a  #
       (number	sign).	 The fields have the following meanings: Specifies the name of an Internet service defined in the /etc/services file.  For
       services provided internally by the inetd daemon, this name must be the official name of the service.  That is, the name must be  identical
       to  the	first  entry on the line that describes the service in the /etc/services file.	Specifies the name for the type of socket used for
       the service.  You can use either the stream value for a stream socket, the dgram value for a datagram socket,  the  raw	value  for  a  raw
       socket,	the  rdm  value  for  a reliably delivered message socket, or the seqpacket value for a sequenced packet socket.  You can also use
       xstream and xdgram to permit the transparent mode of connections for stream and datagram sockets, respectively.	Currently,  only  applica-
       tion gateways for firewall services use the transparent mode of connection.
       Specifies the name of an Internet protocol defined in the /etc/protocols file.  For example, use the tcp  value for a service that uses the
       TCP/IP protocol and the udp value for a service that uses the UDP protocol.

	      When you use a tcp or udp value, inetd creates AF_INET sockets; this is the default behavior.  If you want inetd to create  AF_INET6
	      sockets, use the tcp6 or udp6 value.  The inetd daemon maps these values to the tcp and udp protocol names internally.

	      For  RPC services the field consists of the string rpc followed by a slash (/) and one of the following: An asterisk (*) One or more
	      nettypes One or more netids A combination of nettypes and netids

	      If you specify an invalid nettype, it is treated as a netid.  For example, if you specify rpc/*, it specifies the service  uses  all
	      the  transports  supported  by the system.  Contains either the wait or the nowait instruction.  For datagram servers, specify wait.
	      This instructs the inetd daemon to wait for a datagram server to read at least one datagram from the socket before exiting.  Single-
	      threaded	datagram servers process all incoming datagrams, then they time out (for example, comsat, biff, and talkd).  Multithreaded
	      datagram servers read one datagram from the socket, create a new socket, then fork and exit (for example, tftpd).

	      For servers using stream sockets, specify nowait for multithreaded servers.  This instructs inetd to accept connection requests  and
	      pass  a  newly  accepted	socket	that  is  connected  to the client of the service to the server.  Specify wait for single-threaded
	      servers.	This instructs inetd to pass the listening socket to the server and wait.  The server must accept at least one	connection
	      request before exiting.  Specifies the username that the inetd daemon should use to start the server.  This variable allows a server
	      to be given less permission than root.  Specifies the full pathname of the server that the inetd daemon should  execute  to  provide
	      the  service.   For  services that the inetd daemon provides internally, this field should be internal.  If you want to disable this
	      service, this field should be disable in the /etc/inetd.conf.local file.	Specifies the command line arguments that the inetd daemon
	      is  to  pass  to the server specified in ServerPath.  The arguments to ServerPath should be just as they normally are, starting with
	      the name of the program.	For services that the inetd daemon provides internally, this field should be blank.

EXAMPLES

       The following are sample entries in the /etc/inetd.conf file for an inetd daemon that: Uses the ftpd daemon for servicing ftp  requests	on
       an AF_INET6 socket Uses the talkd daemon for ntalk requests on an AF_INET socket Provides time requests internally on AF_INET6 sockets
       ftp  stream tcp6 nowait root /usr/sbin/ftpd ftpd ntalk dgram udp wait root /usr/sbin/talkd talkd time stream tcp6 nowait root internal time
       dgram udp6 wait root internal

       How you enable and disable services in a cluster depends on the number of cluster members.  The following two examples show the same  clus-
       ter  that  has three members (0, 1, and 2), but shows two diferent methods to accomplish the same goal.	Choose the method most suitable to
       your cluster environment.

       If you want to enable the ftpd daemon on all cluster members except member 2, do the following: To enable the ftpd daemon for all  members,
       enter  the  following  in the /etc/inetd.conf file: ftp stream tcp nowait root /usr/sbin/ftpd ftpd To disable the ftpd daemon for member 2,
       enter the following in the /etc/inetd.conf.local for member 2: ftp stream tcp nowait root disable

       If you want to disable the ftpd daemon on all cluster members (the whole cluster), but enable it on members 0 and 1, do the  following:	To
       disable	the  ftpd  daemon  by  default for the whole cluster, enter the following in the /etc/inetd.conf file: #ftp stream tcp nowait root
       /usr/sbin/ftpd ftpd To enable the ftpd daemon for member 0, enter the following in the /etc/inetd.conf.local file for member 0: ftp  stream
       tcp  nowait root /usr/sbin/ftpd ftpd To enable the ftpd daemon for member 1, enter the following in the /etc/inetd.conf.local file for mem-
       ber 1: ftp stream tcp nowait root /usr/sbin/ftpd ftpd

       Member 2 does not have an ftpd entry in its /etc/inetd.conf.local file.	Therefore, the ftpd daemon is not started.

RELATED INFORMATION

       Commands: biff(1), comsat(8).

       Daemons: inetd(8), talkd(8), tftpd(8).

       Files: protocols(4), services(4).  delim off

																     inetd.conf(4)
All times are GMT -4. The time now is 09:05 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy