09-16-2001
If you are using tcp wrappers (tcpd), you can
control what users are allowed to use what
services individually.
Check out the man page host_access(5)
For instance in /etc/hosts.allow...
in.telnetd: ALL EXCEPT jsmith@some_host
in.ftpd: ALL
This would allow Telnet for all EXCEPT user jsmith
and FTP to all. However, you should not get
carried away with user lists since it will
cause a lookup to occurr. Obviously, you also
would NOT want to open these services to "ALL"
so I would recommend further restricting this
by using "LOCAL" or even some IP range that
maps to your internal network (or sub-net).
10 More Discussions You Might Find Interesting
1. Answers to Frequently Asked Questions
One of our most frequent questions is how to automate ftp transfers. There are several approaches. Since I'm writing this post, we will start with my favorite technique. :)
In Automated FTP task I present a simple example of my ksh co-process technique. And note that later in this thread I... (0 Replies)
Discussion started by: Perderabo
0 Replies
2. Shell Programming and Scripting
Hello,
A couple of times per week, i receive emails notifications when files are available for processing.
Currently i read these eamails with a java program and store the attachement on my C: drive and would now like to generate a PC script to send this file name up to UNIX-Solaris and... (3 Replies)
Discussion started by: bobk544
3 Replies
3. UNIX for Advanced & Expert Users
We are transferring file from mainframes to unix, & in FTP process itself we would like to set access rights for
unix machine.
Has anyone used chmod command in association with site command in ftp? How it should be used?
Thanks in advance. (1 Reply)
Discussion started by: videsh77
1 Replies
4. Shell Programming and Scripting
I have the following ftp script to get files from a remote location.
However, on running the script I find that I am not even able to connect to ftp server.
I am able to connect to ftp server using other GUI ftp tools like WS_FTP using the same IP.
IP used here is a dummy IP.
What can go... (3 Replies)
Discussion started by: gram77
3 Replies
5. UNIX for Advanced & Expert Users
Hi,
We have some clients who will place huge files in to one of the remote server.
And the shell script written in our local server to retrieve client files (using FTP) placed on one of the remote server of ours by clients.
My question Is there any FTP command/script to check from my local... (1 Reply)
Discussion started by: nmsrao
1 Replies
6. Shell Programming and Scripting
Hi,
I have a ftp script which first gets all the file names and echo's the latest file.
I'm using another ftp command sets to get the file name given by first ftp. The problem is the parameter is not accepted by second ftp. The error message i'm getting is
> Rename Temp File calloc:ICMP... (5 Replies)
Discussion started by: ammu
5 Replies
7. Shell Programming and Scripting
Hi all,
I'm using the following script to automated ftp files to 1 ftp servers
host=192.168.0.1
/usr/bin/ftp -vi >> $bkplog 2>&1 <<ftp
open $host
bin
cd ${directory}
put $files
quit
ftp
and the .netrc file contain
machine 192.168.0.1
login abc... (4 Replies)
Discussion started by: varu0612
4 Replies
8. AIX
how to connect to ftp server in passive mode?
ftp server.abc
and how can i see ftp settings, doesn't exist some ftpd.conf
there is some other file where i check the options and configurations of ftp server?
Thanks (3 Replies)
Discussion started by: prpkrk
3 Replies
9. HP-UX
Hello All,
I am trying to connect to ftp server and get the files. Also i need to rename the file in other ftp dir.
rename method is not allowing me to rename the file in other dir. When i tried copy command by using net::FTP:FILE then perl says it is not installed.
Can some body help me to... (2 Replies)
Discussion started by: krsnadasa
2 Replies
10. Solaris
OS: Solaris 9
Configuration /etc/syslog.conf
daemon.debug
/etc/inetd.conf
ftp stream tcp6 nowait root /usr/sbin/in.ftpd in.ftpd -A -l -d
Found the ftp.log only generate those entries from other servers/hosts.
Can we trace on all ftp entries either from/to the server?
... (6 Replies)
Discussion started by: KhawHL
6 Replies
LEARN ABOUT MOJAVE
tcpdmatch
TCPDMATCH(8) System Manager's Manual TCPDMATCH(8)
NAME
tcpdmatch - tcp wrapper oracle
SYNOPSIS
tcpdmatch [-d] [-i inet_conf] daemon client
tcpdmatch [-d] [-i inet_conf] daemon[@server] [user@]client
DESCRIPTION
tcpdmatch predicts how the tcp wrapper would handle a specific request for service. Examples are given below.
The program examines the tcpd access control tables (default /etc/hosts.allow and /etc/hosts.deny) and prints its conclusion. For maximal
accuracy, it extracts additional information from your inetd network configuration file.
When tcpdmatch finds a match in the access control tables, it identifies the matched rule. In addition, it displays the optional shell com-
mands or options in a pretty-printed format; this makes it easier for you to spot any discrepancies between what you want and what the pro-
gram understands.
ARGUMENTS
The following two arguments are always required:
daemon A daemon process name. Typically, the last component of a daemon executable pathname.
client A host name or network address, or one of the `unknown' or `paranoid' wildcard patterns.
When a client host name is specified, tcpdmatch gives a prediction for each address listed for that client.
When a client address is specified, tcpdmatch predicts what tcpd would do when client name lookup fails.
Optional information specified with the daemon@server form:
server A host name or network address, or one of the `unknown' or `paranoid' wildcard patterns. The default server name is `unknown'.
Optional information specified with the user@client form:
user A client user identifier. Typically, a login name or a numeric userid. The default user name is `unknown'.
OPTIONS
-d Examine hosts.allow and hosts.deny files in the current directory instead of the default ones.
-i inet_conf
Specify this option when tcpdmatch is unable to find your inetd.conf network configuration file, or when you suspect that the pro-
gram uses the wrong one.
EXAMPLES
To predict how tcpd would handle a telnet request from the local system:
tcpdmatch in.telnetd localhost
The same request, pretending that hostname lookup failed:
tcpdmatch in.telnetd 127.0.0.1
To predict what tcpd would do when the client name does not match the client address:
tcpdmatch in.telnetd paranoid
On some systems, daemon names have no `in.' prefix, or tcpdmatch may need some help to locate the inetd configuration file.
FILES
The default locations of the tcpd access control tables are:
/etc/hosts.allow
/etc/hosts.deny
SEE ALSO
tcpdchk(8), tcpd configuration checker
hosts_access(5), format of the tcpd access control tables.
hosts_options(5), format of the language extensions.
inetd.conf(5), format of the inetd control file.
AUTHORS
Wietse Venema (wietse@wzv.win.tue.nl),
Department of Mathematics and Computing Science,
Eindhoven University of Technology
Den Dolech 2, P.O. Box 513,
5600 MB Eindhoven, The Netherlands
TCPDMATCH(8)