Network Security: Detailed info on Re: Restricting logins by IP address

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

Re: Restricting logins by IP address

from [Alexander Klimov] Network Security

[Permanent Link]

Subject:	Re: Restricting logins by IP address
Date:	Tue, 25 Oct 2005 00:05:35 +0200 (IST)

On 10/19/05, Keenan Smith <kc_smith@clark.net> wrote:

Similar to the way root can be restricted to logging in only at the
console, is it possible to restrict logins by regular users to specific
IP addresses?

What I've got is a directory "ABC" and a user "Larry".  I setup Larry to
have ABC as his home directory.  What I want to do is restrict Larry's
login to a specific IP address so if he attempts a login from computer
"123" it will succeed but if he tries from computer 456, it will fail.


On Fri, 21 Oct 2005, ilaiy wrote:

Try using /etc/hosts.allow Give the IP address of which you would
want to allow and your /etc/hosts.deny should look like this
ALL: ALL


Yes, tcp wrappers is a good solution if it is really what you need.
Unfortunately, it does not solve the stated problem (at least, not how
I understood it): it allows you to limit *all* the connection to a set
of IPs, but it does not allow to restrict Larry's logins to one IP,
and John's logins to some other IP.

-- 
Regards,
ASK

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
RE: OS to know., (continued) RE: OS to know., Security Re: OS to know., John Melton Re: OS to know., Mark Owen Re: OS to know., Michael Gale Re: OS to know., Adam Kane RE: OS to know., Depp, Dennis M. Re: OS to know., Alloishus BeauMains Re: OS to know., Kurt Restricting logins by IP address, Keenan Smith Re: Restricting logins by IP address, ilaiy Re: Restricting logins by IP address, Alexander Klimov <= Re: Restricting logins by IP address, Justin Re: Restricting logins by IP address, Netops RE: OS to know., Simpson, Brett Re: OS to know., Netops

Previous by Date:	Re: GET //awstats.pl? in apache logs, Konstantine
Next by Date:	Re: Protect Data - CD-R, thunder @
Previous by Thread:	Re: Restricting logins by IP address, ilaiy
Next by Thread:	Re: Restricting logins by IP address, Justin
Indexes:	[Date] [Thread] [Top] [All Lists]