aix上如何限制指定ip地址通过telnet连接

最新推荐文章于 2023-03-20 16:39:21 发布

shenghuiping2001

最新推荐文章于 2023-03-20 16:39:21 发布

阅读量3.5k

点赞数 1

分类专栏： AIX 文章标签： aix wrapper server processing tcp security

AIX 专栏收录该内容

145 篇文章 ¥39.90 ¥99.00

订阅专栏

超级会员免费看

下面我们介绍Tcp_Wrapper在AIX上的安装和使用
第一步：下载
第二步：安装
第三步：配置
第四步：测试
第一步：下载
http://ftp.univie.ac.at/aix/download/aix43/tcp_wrappers-7.6.1.0.exe

第二步：安装
# ls
tcp_wrappers-7.6.1.0.exe
# chmod +x *exe
# ./tcp_wrappers-7.6.1.0.exe
UnZipSFX 5.32 of 3 November 1997, by Info-ZIP (Zip-Bugs@lists.wku.edu).
inflating: tcp_wrappers-7.6.1.0.bff
inflating: tcp_wrappers-7.6.1.0.bff.asc
# inutoc .
# installp -aXgd . all
+--------------------------------------------------------------------+
Pre-installation Verification...
+--------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

SUCCESSES
---------
Filesets listed in this section passed pre-installation verification
and will be installed.

Selected Filesets
-----------------
freeware.tcp_wrappers.rte 7.6.1.0 # ----TCP/IP daemon security wrapp...

<< End of Success Section >;>;

FILESET STATISTICS
------------------
1 Selected to be installed, of which:
----1 Passed pre-installation verification
----
1 Total to be installed
+--------------------------------------------------------------------+
Installing Software...
+--------------------------------------------------------------------+
installp: APPLYING software for:
--------freeware.tcp_wrappers.rte 7.6.1.0

. . . . . << Copyright notice for freeware.tcp_wrappers >;>; . . . . . . .

TCP WRAPPERS, version 7.6
Copyright (C) 1997 by Wietse Venema. All rights reserved.
(Some individual files may be covered by other copyrights.)

Plaese refer to the DISCLAIMER file delivered in the directory
/usr/local/lib/tcp_wrappers-7.6 for complete details. The README file
delivered in the same directory should also be read.

Packaging is Copyright (C) 1999 BULL SA. This LPP may not be redistributed
comercially. No warranty or support in any form is offered with this
LPP.

. . . . . << End of copyright notice for freeware.tcp_wrappers >;>;. . . .

Finished processing all filesets. (Total time: 2 secs).

+-------------------------------------------------------------------+
Summaries:
+-------------------------------------------------------------------+
Installation Summary
--------------------
Name ------------------------Level ----Part---- -Event -----Result
--------------------------------------------------------------------
freeware.tcp_wrappers.rte -7.6.1.0 ----USR ------APPLY ----SUCCESS

第三步：配置
# vi /etc/inetd.conf
modifty the two lines from
ftp ----stream -tcp6 -nowait -root -/usr/sbin/ftpd -----ftpd
telnet -stream -tcp6 -nowait -root -/usr/sbin/telnetd -telnetd -a
to the following
ftp ----stream -tcp6 -nowait -root -/usr/local/bin/tcpd -ftpd
telnet -stream -tcp6 -nowait -root -/usr/local/bin/tcpd -telnetd –a
# vi /etc/hosts.deny
all:all
# vi /etc/hosts.allow
telnetd:192.168.0.201:allow
ftpd:192.168.0.201:allow
# refresh –s inetd

第四步：测试
# /usr/local/bin/tcpdmatch ftpd 9.185.43.221
client: address 9.185.43.221
server: process ftpd
access: denied
# /usr/local/bin/tcpdmatch ftpd 192.168.0.201
client: address 192.168.0.201
server: process ftpd
access: granted
# /usr/local/bin/tcpdmatch telnetd 9.185.43.221
client: address 9.185.43.221
server: process ftpd
access: denied
# /usr/local/bin/tcpdmatch telnetd 192.168.0.201
client: address 192.168.0.201
server: process ftpd
access: granted

以上只是对访问控制文件的一个简单示例,您可以参看Tcp_wrapper的相应说明定制更为复杂并且有效的安全访问策略.