Hi All,
I am sorry for not giving all the information. But here is my actual need. I would be having Oracle database on a Red hat Linux server which would listen to Port 1521(Default port for oracle).
I need to restrict users to this Port.I thought two solutions for this using iptables.
Solution 1 : Set the firewall with iptables rules, to allow ip addresses of a particular subnet to access the Oracle port.Using this rule only machines on the DBserver's subnet are able to communicate with it on Port 1521.
Solution 2:
Have a list of all valid IP's in a file and set a rule in the iptable to allow access to those IP addreesses only.
Please let me know if I am on the right track or if something else needs to be done.Also kindly let me know , which solution would work better looking at the security point of view.
Hi Gurus,
Tried searching for something similiar in this forum but not really what i want.
This is my case:
I have about 20 users running on sun workstation. We have done a upgrade recently and right now it seems that the users can access to terminal and console which they are not suppose... (12 Replies)
Hi
I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders.
/export/home/kapil/shared,
/export/home/kapil/shared/Folder1
/export/home/kapil/shared/Folder2
These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Hi,
I had installed vsftp in rhel5 and i want to restrict all the local users from accessing the ftp.
i want to allow specific users to access the ftp server.
Request you to please help.
Thanks & regards
Arun (1 Reply)
Hi All,
How to restrict the NIS users not to change their passwords in for NIS users??
and my NIS user is unable to login to at client location what could be the problem for this ?
Any body can help me. Thanks in advance. (1 Reply)
Hi there
I have an application user on my system that wants accesses to these file systems as such:
rwx:
/SAPO
/SAPS12
/R3_888
/R3_888B
/R3_888F
/R3_888R
r:
/usr/sap
these are the existing FS permissions:ownerships:
# ls -ld /SAPO (9 Replies)
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
Hi Folks,
Please help me. I am bit struck here.
Here is the OS info.
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
I have a... (17 Replies)
I'm using Solaris 10. I want to restrict users from executing this dangerous command.
rm -rf *
But they should be able to perform the below actions:
rm -rf *.*
rm -rf filename
rm -rf directory
Is it possible? If yes then pls let me know how to do it? (7 Replies)
I'm trying to use squid to restrict elinks' access to certain websites(only http traffic).
I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :)
---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Dear friends,
:)
I create new user
useradd -g other -d /export/home/sltftp -m -s /bin/bash -c "SLT user account for TMA ftp backup" sltftp
now i need do restrict thees
chmod
delete
overwrite
rename
from this user:(for all the files in the server ,sltftp user can only able to download... (4 Replies)
Discussion started by: darakas
4 Replies
LEARN ABOUT OPENDARWIN
ftphosts
ftphosts(4) File Formats ftphosts(4)NAME
ftphosts - FTP Server individual user host access file
SYNOPSIS
/etc/ftpd/ftphosts
DESCRIPTION
The ftphosts file is used to allow or deny access to accounts from specified hosts. The following access capabilities are supported:
allow username addrglob [addrglob...]
Only allow users to login as username from host(s) that match addrglob.
deny username addrglob [addrglob...]
Do not allow users to login as username from host(s) that match addrglob.
A username of * matches all users. A username of anonymous or ftp specifies the anonymous user.
addrglob is a regular expression that is matched against hostnames or IP addresses. addrglob may also be in the form address:netmask or
address/CIDR, or be the name of a file that starts with a slash ('/') and contains additional address globs. An exclamation mark (`!')
placed before the addrglob negates the test.
The first allow or deny entry in the ftphosts file that matches a username and host is used. If no entry exists for a username, then access
is allowed. Otherwise, a matching allow entry is required to permit access.
EXAMPLES
You can use the following ftphosts file to allow anonymous access from any host except those on the class A network 10, with the exception
of 10.0.0.* IP addresses, which are allowed access:
allow ftp 10.0.0.*
deny ftp 10.*.*.*
allow ftp *
10.0.0.* can be written as 10.0.0.0:255.255.255.0 or 10.0.0.0/24.
FILES
/etc/ftpd/ftphosts
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWftpr |
+-----------------------------+-----------------------------+
|Interface Stability |External |
+-----------------------------+-----------------------------+
SEE ALSO in.ftpd(1M), ftpaccess(4), attributes(5)SunOS 5.10 1 May 2003 ftphosts(4)