Re: ban host

From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 02/09/04 

Date: Sun, 8 Feb 2004 23:01:39 +0000 (UTC)

In article <4026bd86$0$10334$cc9e4d1f@news-text.dial.pipex.com>,
Simon Bell <aooi58@dsl.pipex.com> wrote:
>Is it possible to ban say all connections from *.aol.com from connecting to
>my ssh server? and if so, how?

If your SSH server supports tcpwrappers (OpenSSH does, I don't know about
other servers) you can use that.

Your sshd must be built with tcpwrappers (many vendors ship it that way,
or it can be built from source with "configure --with-tcp-wrappers"),
then put something like this into hosts.deny:

sshd: .aol.com 

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Relevant Pages

  • Re: "Dont panic"?
    ... with an SSH server accepting connections from anywhere. ... That's not abuse; ...
    (comp.security.ssh)
  • Re: "Dont panic"?
    ... with an SSH server accepting connections from anywhere. ... > If all (or most if my scans were from a single source I would complain to ... So who do I complain to? ...
    (comp.security.ssh)
  • Re: "Dont panic"?
    ... >What "abuse" would you have him report? ... with an SSH server accepting connections from anywhere. ... That's not abuse; ...
    (comp.security.ssh)
  • Re: X11 forwarding over non X11 hop
    ... > The both connections are successfull. ... > Now i dont know how to set it up. ... But it looks like your ssh server on remoteX11Host is not configured to ... You should find a line like "X11Forwarding yes". ...
    (comp.security.ssh)
  • Re: Not enough entropy in RNG
    ... > I try to use multiple clients to connect SSH server. ... Which SSH software and what version? ... Good judgement comes with experience. ...
    (comp.security.ssh)