TCP Wrappers

By Raaz -
The Simple thing I can tell us all about TCP Wrappes is

 " TCP Wrappers are Host-Based Networking Access Control List (ACL) System & used to filter Network access to Internet.



For all services in Linux TCP wrappers cant be applicable by default and its possible if source of the service got compiled with libwrap.

To check whether given service is compatible or not with TCP Wrappers , do as

ldd  /path/to/service | grep libwrap.so

For example lets check sshd service having support or not.

ldd /var/sbin/sshd | grep libwrap.so

Now it will print some output like its there for sshd.

Similarly you can check for any other service you want.

Wild Card Entries:

ALL ,LOCAL, UNKNOWN,KNOWN.

1. To block all hosts from accessing all services remotely

# vi /etc/hosts.deny

ALL : ALL

It will drop all the connections.

2. Allow all except one domain

ALL : @support
ALL : .tech.com EXCEPT development.tech.com

3. Placing logs for unauthorized access

ALL: .developement.com : spawn /bin/echo %a from %h attempted to access %d >> /var/log/ssh.log:deny

4. Log with High priority

sshd: .tech.com severity emerg

5.Spawn with date

In this example I am using sshd service, you can use any if you want.

sshd: 192.168.1.2 : spwan /bin/echo `/bin/date` from %h >> /var/log/ssh.log : deny 

6. twist command is also same but it will send information to client. I didnt succeeded on using this. Give me time to research on this.



Comments

Post a Comment

Popular posts from this blog

grep: unknown device method

By Raaz -
Today while using grep command via rundeck I was through grep: unknown device method  error. And the reason is due to I am having ' - ' in my search pattern I was through this error. I mean search includes grep "-search.this" /path/to/file Then you may get error with grep. So remove ' - ' in pattern and repeat your search. grep "search.this" /path/to/file Hope that helps.
Read more

Uploading files to FTP/SFTP using CURL

By Raaz -
Hello, Today I am writing below article which can help you to upload files to SFTP/FTP by using CURL. Ok why we need that ? Let me tell explain!! How we login into SFTP/FTP ? [root@virt03 test]# sftp 192.168.56.110 Connecting to 192.168.56.110... root@192.168.56.110's password: sftp> ls anaconda-ks.cfg       nodes                 post-install          post-install.log sftp> exit and uploading files with put command. Its a lengthy way. So recently I have gone through few articles and with some R&D I have modified it as script and command-line argument support.So you can call the script with filename as argument.  So Lets do this!!! Command 1 : This is for uploading a single to SFTP/FTP by using CURL.  SFTP curl -k  -u virt03:virt03 -T file4  sftp://192.168.56.110/home/virt03/ Syntax :  curl -k  -u username:password -T filename sftp://IP_Addreess OR Hostname:/path/to/upload  FTP curl -k  -u virt03:virt03 -T f
Read more

How to find outgoing IP in Linux ?

By -
Here is a small snippet to find outgoing IP of your Linux box. 1. To find the outgoing internal IP only         # ip route get 8.8.8.8 | head -1 | gawk '{ print $7 }' 2. To find the outgoing internal IP along with interface.   # ip route get 8.8.8.8 | head -1 | gawk '{ print $5,$7 }' 3. In-case if your system is connected to Internet, to find the outgoing external IP   # curl ifconfig.me Note:   In case if your system having public IP assigned then there is no difference between outgoing internal IP and external IP (both are same).
Read more