Thanks to all guys who responded:
Timothy Lindgren <firstname.lastname@example.org>
Kevin L Prigge <email@example.com>
Ronald Loftin <firstname.lastname@example.org>
Sean Quaint <email@example.com>
All of them suggested to use tcp_wrapper. Representative for all others,
let me cite Kevin:
> You'll need tcpwrapper (ftp://ftp.cert.org/pub/tools/tcp_wrappers_7.6.tar.Z)
> which has an option to reject connections from IPs that don't
> do reverse resolution.
My orig question was:
> in the past we had some hacker problems. Can anybody of you
> explain how to prohibit remote logins from DNS-unresolved
> IP addresses? E.g. Access from "host.dom.ain" should be allowed
> but not from '22.214.171.124'.
> I'm on Solaris 2.x/SPARC.
Thanx again, Guenter
-- Dipl.-Ing. Guenter Millahn Brandenburg University of Technology Systems, Network & DB Admin CS Dept / DB & IS Research Group Voice: +49 (355) 69-2711 P.O. Box: 10 13 44 Fax: +49 (355) 69-2766 D-03013 Cottbus GERMANY
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:34 CDT