Welcome to Linux Forums!

With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.

Linux Forum ArticlesLinux ForumsLinux Forum DownloadsLinux HostsFree MagazinesJobs
Home|Register|FAQ|Member List|Calendar|Unanswered Posts|Forum Rules|Today's Posts|Advanced Search|
SEARCH FOR IN
Go Back   Linux Forums > Your Distro > Debian Linux Help
Reload this Page blocking ftp
Linux Forums
Linux Forums
Welcome To The Linux Forums!
Welcome to Linux Forums. We pride ourselves in being one of the largest Linux communities on the web, we encourage you to REGISTER on our forums and participate in the community. There are over 150,000 members ready to answer your questions. JOINING US today will allow you to make new posts, get support, send messages to other members and submit downloads to our downloads directory and many other great features!

Debian Linux Help Discussions related to Debian GNU/Linux.

Reply
 
Thread Tools Display Modes
Old 07-24-2008   #1 (permalink)
Just Joined!
 
Join Date: Jul 2008
Posts: 3
blocking ftp
i want allow only certain hosts to be able to ftp to a debian linux server.

searching online, i've seen suggestions to use hosts.allow

i am not sure how to do this; if i add a line:
in.ftpd: ###.###.###.###: ALLOW
in.ftpd: ALL: DENY

(where ###.###.###.### is the ip address)

this seems to have no effect; i can still connect via ftp from hosts that do not have the desired ip address.

any suggestions?
pajordan is offline   Reply With Quote
Old 07-24-2008   #2 (permalink)
Bigtomrodinator
 
bigtomrodney's Avatar
 
Join Date: Nov 2004
Location: Sunny South-East of Ireland
Posts: 5,196
Your entry for ftpd might be better off located in /etc/hosts.deny

Anything found in /etc/hosts.allow first will be allowed past. You can also try the option PARANOID rather than DENY e.g.
Code:
in.ftpd:ALL:PARANOID
I think most people do this stuff through IPTables these days anyway. It might be easier to set up a rule in there, I don't see that many people using /etc/hosts.* anymore personally.
__________________
Registered Linux user #378740
New members read here / Forum Rules
#linuxforums on irc.freenode.net
bigtomrodney is offline   Reply With Quote
Old 07-31-2008   #3 (permalink)
Just Joined!
 
newd to linux's Avatar
 
Join Date: Oct 2007
Posts: 12
If you don't want ANYONE to ftp to your machine, don't mess with tcpwrappers. Instead, go to your /etc/inetd.conf file and comment out ftpd. Better yet, uninstall the ftp server on the machine. Then use iptables to drop connections on port 21.

Why run an ftp daemon that you don't want to use?

Why leave the port open?

Screw tcpwrappers and /etc/hosts.allow and /etc/hosts.deny... Forget the bandaid solutions and eradicate the problem.
__________________
There are three things that I know about civil rights:

1) Your rights don't trump mine!

2) You have absolutely NO right to me!

3) I have NO intention of forfeiting my rights!
newd to linux is offline   Reply With Quote
Old 08-01-2008   #4 (permalink)
Linux User
 
Join Date: Feb 2006
Posts: 425
Send a message via MSN to iwanabeguru
newd to linux:
You read first before write, i hope you aren't a write only user.
He want provide a ftp service but just for certain hosts.
iwanabeguru is offline   Reply With Quote
Old 08-01-2008   #5 (permalink)
Linux User
 
Join Date: Feb 2006
Posts: 425
Send a message via MSN to iwanabeguru
On a static ip network you can use iptables for dropping connections from unwanted hosts.
iptables -A INPUT -p tcp --dport 21 -s xxx.xxx.xxx.xxx -j ACCEPT
.
.
.
iptables -A INPUT -p tcp --dport 21 -j DROP

this will allow the package from the specified host.

2.
May the system will recognize the new options after a reboot.

3.
hosts.deny won't block access - Ubuntu Forums
iwanabeguru is offline   Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off
 

Free Magazines
Cisco News
Receive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business.
subscribe
Systems Management News, the newspaper for IT systems administration and data center managers!
Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field.
subscribe
The Enterprise Newsweekly
eWeek is the essential technology information source for builders of e-business.
subscribe
Oracle Magazine
Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company.
subscribe
Total Telecom
Total Telecom is "The Economist of the communications industry".
subscribe
More free magazines »



All times are GMT. The time now is 02:20 AM.



Contact Us | Advertise | Archive | Top
© 2000 - 2008 - All Rights Reserved - Property of  MAS Media

Content Relevant URLs by vBSEO 3.2.0