Thanks to all guys who responded:
Timothy Lindgren <tlindgre@enron.com>
Kevin L Prigge <klp@tc.umn.edu>
Ronald Loftin <reloftin@syr.edu>
Sean Quaint <squaint@provide.net>
All of them suggested to use tcp_wrapper. Representative for all others,
let me cite Kevin:
> You'll need tcpwrapper (ftp://ftp.cert.org/pub/tools/tcp_wrappers_7.6.tar.Z)
> which has an option to reject connections from IPs that don't
> do reverse resolution.
My orig question was:
> in the past we had some hacker problems. Can anybody of you
> explain how to prohibit remote logins from DNS-unresolved
> IP addresses? E.g. Access from "host.dom.ain" should be allowed
> but not from '208.131.80.96'.
> I'm on Solaris 2.x/SPARC.
Thanx again, Guenter
-- Dipl.-Ing. Guenter Millahn Brandenburg University of Technology Systems, Network & DB Admin CS Dept / DB & IS Research Group Voice: +49 (355) 69-2711 P.O. Box: 10 13 44 Fax: +49 (355) 69-2766 D-03013 Cottbus GERMANY
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:34 CDT