1. Tạo 2 file
vi /etc/hosts.allow
ALL:192.168.1.38 #CRM
sshd:192.168.1.235 #BINHTV_VPN
imapd : 192.168.54.0/255.255.255.0
in.ftpd: 192.168.54.0/255.255.255.0
sshd : 192.168.54.2 172.16.234.4
vi /etc/hosts.deny
ALL:ALL
2. Enable chặn
---check that the service telnet is wrapped
inetadm -l telnet | grep tcp_wrappers
--enable chan hết telnet, ssh, ftp,...: --disable hết telnet, ssh, ftp,...:
inetadm -M tcp_wrappers=TRUE inetadm -M tcp_wrappers=FALSE
Note :
Option:
--Mở riêng từng service telnet, ssh, ftp --disable ftp, telnet, ssh
inetadm -m network/ftp:default tcp_wrappers=TRUE inetadm -m network/ftp:default tcp_wrappers=FALSE
inetadm -m network/telnet:default tcp_wrappers=TRUE inetadm -m network/telnet:default tcp_wrappers=FASLE
# vi /etc/hosts.deny
In.telnetd:all:banners /etc/banners.deny :spawn echo `date` "%h truying to connect by telnet" >> / var/log/telnet.log