OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: [suse-security] ftp question
From: Gediminas Grigas (gedaskryptis.lt)
Date: Thu Nov 09 2000 - 13:41:17 CST


Hello susers (SuSE users:) ),

Our providers network is kind of "hackers heaven" - lots of hacked servers.
And we making connections only trough ssh and ftp (doh). Shh is ok. ftp is a
problem.
We can accept fact that somebody sniffs ftp username/pass , because we closed
all services from all other nets than ours, except in.ftpd. We can`t use
tcpd or ipchains, there because some users are connecting to server from some
dial-ups.
The question would be: how to restrict in.ftpd access depending on
username/remote_host pairs?
example scheme:
user1:* #all (we conditionaly dont care about users data, we have backups)
user2:some.domain.com #only one IP - rest is denied (we have backups but we
would like to make one more small securety step)
user3:none #deny all (he does not need ftpaccess at all)
ok i can include user3 to ftpusers, but how about user1 and user2?
Any ideas?
which of ftpd`s has such feature? alternate solution?

Thanks!

-- 
Best regards,
Gediminas Grigas

--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribesuse.com For additional commands, e-mail: suse-security-helpsuse.com