[techtalk] login restriction

kelly at poverty.bloomington.in.us
Fri Jul 7 14:31:45 EST 2000


On Fri, 7 Jul 2000 13:52:46 -0400, "Brian Sweeney" <bsweeney at imagedog.com> said:

>Does anyone know how to restrict users on a RHL 6.0 box from being able to
>actually login?  

RH 6.0 has so many security flaws that you simply should not run it in
an open environment.  Upgrading bind is absolutely essential because
the version of bind shipped with 6.0 is vulnerable to a compromise
that gives the intruder root access.  You should probably upgrade to
at least 6.1 and preferably 6.2, and read up thoroughly on security
issues.

>I know this sounds strange, but hear me out.  I have this new
>mailserver up, and I want people to be able to POP to it to retrieve
>mail, but not anything else.

Disable telnetd and rlogind.  (You should do this anyway; if you want
to allow remote access to your box, make people use sshd.)  The
easiest way to do this is to edit /etc/inetd.conf and comment out the
lines that enable telnetd and rlogind, then killall -HUP inetd.  

Kelly
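
The inetd.conf edit described in the message above, as an added shell example that is not part of the original post: it comments out the `telnet` and `login` entries in a constructed sample file and lists what inetd would still serve. The function names and sample file are made up for illustration, and it assumes rlogind is listed under the service name `login`, as in stock inetd.conf files.

```shell
#!/bin/sh
# Added example: comment out named services in an inetd.conf-style file.
# Function names and the sample file are constructed for illustration.

# disable_inetd_services FILE SERVICE...
# Comments out every active line whose first field is one of SERVICE.
# Keeps a copy of the original as FILE.bak.
disable_inetd_services() {
    conf=$1; shift
    cp -p "$conf" "$conf.bak" || return 1
    awk -v list="$*" '
        BEGIN { n = split(list, s, " "); for (i = 1; i <= n; i++) off[s[i]] = 1 }
        # Active lines start with the service name; commented ones start with "#".
        ($1 in off) { print "#" $0; next }
        { print }
    ' "$conf.bak" > "$conf"
}

# enabled_inetd_services FILE
# Prints the service name of each line inetd would still act on.
enabled_inetd_services() {
    awk '$1 != "" && $1 !~ /^#/ { print $1 }' "$1"
}

# Constructed sample resembling a stock inetd.conf (not taken from a real host).
sample_conf() {
    cat <<'EOF'
# <service> <sock> <proto> <flags> <user> <server> <args>
ftp     stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
shell   stream  tcp  nowait  root  /usr/sbin/tcpd  in.rshd
login   stream  tcp  nowait  root  /usr/sbin/tcpd  in.rlogind
pop-3   stream  tcp  nowait  root  /usr/sbin/tcpd  ipop3d
#imap   stream  tcp  nowait  root  /usr/sbin/tcpd  imapd
EOF
}

demo_conf=$(mktemp)
sample_conf > "$demo_conf"
disable_inetd_services "$demo_conf" telnet login
enabled_inetd_services "$demo_conf"    # what is still reachable through inetd
rm -f "$demo_conf" "$demo_conf.bak"
# On the real host: run against /etc/inetd.conf, then `killall -HUP inetd`.
```

Listing what is still enabled after the edit shows at a glance which other inetd services remain reachable alongside POP.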




