Re: Allow telnet to only one IP using host.deny or host.allow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Sat, Oct 2, 2010 at 9:11 PM, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:
On Fri, 2010-10-01 at 19:06 +0530, Jatin K wrote:
> what is the perfect way
>
> only host.allow or host.deny file
>
> or only iptables ??

One could argue that this is no "perfect" way.  And that multiple
efforts to protect yourself is the best way.

Personally, I'd deny all, and just allow the known address.  Then do the
same with the firewall rule.  Though, I wouldn't allow telnet, at all.
Are you sure you need it?

--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



--

Big agree with this. It's called defence in depth. However every security decision must be made while considering the trade-offs. Tradeoffs are the possible negative affects of having such strong security, and the most common one is having the security you implemented turn against it's purpose, blocking authorised and identified users.
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux