Hi All,
I am sorry for not giving all the information. But here is my actual need. I would be having Oracle database on a Red hat Linux server which would listen to Port 1521(Default port for oracle).
I need to restrict users to this Port.I thought two solutions for this using iptables.
Solution 1 : Set the firewall with iptables rules, to allow ip addresses of a particular subnet to access the Oracle port.Using this rule only machines on the DBserver's subnet are able to communicate with it on Port 1521.
Solution 2:
Have a list of all valid IP's in a file and set a rule in the iptable to allow access to those IP addreesses only.
Please let me know if I am on the right track or if something else needs to be done.Also kindly let me know , which solution would work better looking at the security point of view.
Hi Gurus,
Tried searching for something similiar in this forum but not really what i want.
This is my case:
I have about 20 users running on sun workstation. We have done a upgrade recently and right now it seems that the users can access to terminal and console which they are not suppose... (12 Replies)
Hi
I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders.
/export/home/kapil/shared,
/export/home/kapil/shared/Folder1
/export/home/kapil/shared/Folder2
These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Hi,
I had installed vsftp in rhel5 and i want to restrict all the local users from accessing the ftp.
i want to allow specific users to access the ftp server.
Request you to please help.
Thanks & regards
Arun (1 Reply)
Hi All,
How to restrict the NIS users not to change their passwords in for NIS users??
and my NIS user is unable to login to at client location what could be the problem for this ?
Any body can help me. Thanks in advance. (1 Reply)
Hi there
I have an application user on my system that wants accesses to these file systems as such:
rwx:
/SAPO
/SAPS12
/R3_888
/R3_888B
/R3_888F
/R3_888R
r:
/usr/sap
these are the existing FS permissions:ownerships:
# ls -ld /SAPO (9 Replies)
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
Hi Folks,
Please help me. I am bit struck here.
Here is the OS info.
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
I have a... (17 Replies)
I'm using Solaris 10. I want to restrict users from executing this dangerous command.
rm -rf *
But they should be able to perform the below actions:
rm -rf *.*
rm -rf filename
rm -rf directory
Is it possible? If yes then pls let me know how to do it? (7 Replies)
I'm trying to use squid to restrict elinks' access to certain websites(only http traffic).
I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :)
---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Dear friends,
:)
I create new user
useradd -g other -d /export/home/sltftp -m -s /bin/bash -c "SLT user account for TMA ftp backup" sltftp
now i need do restrict thees
chmod
delete
overwrite
rename
from this user:(for all the files in the server ,sltftp user can only able to download... (4 Replies)
Discussion started by: darakas
4 Replies
LEARN ABOUT DEBIAN
login.access
LOGIN.ACCESS(5) BSD File Formats Manual LOGIN.ACCESS(5)NAME
login.access -- login access control table
DESCRIPTION
The login.access file specifies on which ttys or from which hosts certain users are allowed to login.
At login, the /etc/login.access file is checked for the first entry that matches a specific user/host or user/tty combination. That entry can
either allow or deny login access to that user.
Each entry have three fields separated by colon:
o The first field indicates the permission given if the entry matches. It can be either ``+'' (allow access) or ``-'' (deny access) .
o The second field is a comma separated list of users or groups for which the current entry applies. NIS netgroups can used (if configured)
if preceeded by @. The magic string ALL matches all users. A group will match if the user is a member of that group, or it is the user's
primary group.
o The third field is a list of ttys, or network names. A network name can be either a hostname, a domain (indicated by a starting period),
or a netgroup. As with the user list, ALL matches anything. LOCAL matches a string not containing a period.
If the string EXCEPT is found in either the user or from list, the rest of the list are exceptions to the list before EXCEPT.
BUGS
If there's a user and a group with the same name, there is no way to make the group match if the user also matches.
SEE ALSO login(1)AUTHORS
The login_access() function was written by Wietse Venema. This manual page was written for Heimdal.
HEIMDAL March 21, 2003 HEIMDAL