Old 10-20-2008, 07:53 AM
 
Default Restrict access to a particular server.

Yes you can restrict by port number


Sent via BlackBerry from T-Mobile

-----Original Message-----
From: "Rohit khaladkar" <rohit.khaladkar@gmail.com>

Date: Mon, 20 Oct 2008 12:39:32
To: General Red Hat Linux discussion list<redhat-list@redhat.com>
Subject: Restrict access to a particular server.


Hi All, I have two machines with Red Hat Linux 5.2 installed, of which one is
a database server running Oracle 10.0.4 on it. I need an iptables rule which
would make sure that only the other machine would have access to it.

For example: If I have two machines, machine A and machine B, of which machine B
is a database server, can I set up an iptables rule on machine B which would
allow access to the database only by machine A?

Please help.

Thanks!
Rohit Khaladkar
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

 
Old 10-20-2008, 08:37 AM
"Geofrey Rainey"
 
Default Restrict access to a particular server.

You want something like this:

iptables -A INPUT -s machine_A -p tcp --dport 1521 -j ACCEPT

This rule means allow access to port 1521 from IP machine_A.
Of course this rule alone will not prevent all-and-sundry from
connecting to the server on any port, so you'll need to add
many more rules to secure your server.

Regards,
Geoff.

================================================== ========
For more information on the Television New Zealand Group, visit us
online at tvnz.co.nz
================================================== ========
CAUTION: This e-mail and any attachment(s) contain information that
is intended to be read only by the named recipient(s). This information
is not to be used or stored by any other person and/or organisation.


 
Old 10-20-2008, 09:21 AM
"Rohit khaladkar"
 
Default Restrict access to a particular server.

Thanks Geoff!! This would definitely help. So can there not be a master
rule which would prevent all IP addresses except one (machine A)?
Thanks!
Rohit

 
Old 10-20-2008, 10:15 AM
Stephen Gilbert
 
Default Restrict access to a particular server.

You can either set your default policy to drop

iptables -P INPUT DROP

This would drop all packets from all servers by default. Then the

iptables -A INPUT -s machine_A -p tcp --dport 1521 -j ACCEPT

would accept only packets from machine_A into Oracle.

You may want to add a few more ports, such as 22 for ssh access.

Alternately, you could add

iptables -A INPUT -s machine_A -p tcp --dport 1521 -j ACCEPT
iptables -A INPUT -p tcp --dport 1521 -j DROP

Basically, this says machine A can hit 1521, but anyone else that
tries, just drop the packet.

 
Old 10-20-2008, 10:21 AM
"Rohit khaladkar"
 
Default Restrict access to a particular server.

Great! This helps!! Thanks a lot!!
Rohit

 
Old 10-20-2008, 01:58 PM
Ryan Golhar
 
Default Restrict access to a particular server.

Why not use hosts.allow/hosts.deny from xinetd? I allow port 22 access
via iptables, but use xinetd to restrict access by host. The reason for
this is there seems to be a lot of spoofing attempts.


 
Old 10-20-2008, 02:41 PM
"Florez, Nestor"
 
Default Restrict access to a particular server.

I use this rule on my iptables to allow only host 192.65.1.101 access to my server
-A RH-Firewall-1-INPUT -s 192.65.1.101 -j ACCEPT




 
Old 10-20-2008, 02:42 PM
"Marti, Rob"
 
Default Restrict access to a particular server.

Not sure Oracle allows tcpwrappers...

Rob Marti

I'd do -A INPUT -s ! machine_A -p tcp --dport 1521 -j DROP
If you're only ever going to give one box access to the database.

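
The iptables rule sets proposed in this thread differ in what they leave open. The following is an added example, not code from any poster: a simplified first-match model of the INPUT chain that compares them against four probe connections. The addresses are constructed placeholders, the model covers only -s, -p, --dport and the chain policy (no connection state, interfaces or user-defined chains), and the host-wide ACCEPT variant assumes everything else is dropped.

```python
"""Simplified first-match model of an iptables INPUT chain (added example)."""
from dataclasses import dataclass
from typing import Dict, List, Optional

MACHINE_A = "192.0.2.10"   # constructed address standing in for machine_A
OTHER = "198.51.100.7"     # constructed address for any other client


@dataclass(frozen=True)
class Packet:
    src: str
    proto: str
    dport: int


@dataclass(frozen=True)
class Rule:
    target: str                   # "ACCEPT" or "DROP"
    src: Optional[str] = None     # -s ADDRESS (None matches any source)
    negate_src: bool = False      # -s ! ADDRESS
    proto: Optional[str] = None   # -p PROTO
    dport: Optional[int] = None   # --dport PORT

    def matches(self, pkt: Packet) -> bool:
        # Every criterion that is set must match; unset criteria match anything.
        if self.src is not None and (pkt.src == self.src) == self.negate_src:
            return False
        if self.proto is not None and pkt.proto != self.proto:
            return False
        if self.dport is not None and pkt.dport != self.dport:
            return False
        return True


@dataclass
class Chain:
    policy: str        # set with: iptables -P INPUT <policy>
    rules: List[Rule]  # in the order they were appended with -A

    def verdict(self, pkt: Packet) -> str:
        # The first matching rule decides; the policy applies only if none match.
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.target
        return self.policy


ALLOW_A_1521 = Rule("ACCEPT", src=MACHINE_A, proto="tcp", dport=1521)
DROP_ANY_1521 = Rule("DROP", proto="tcp", dport=1521)

VARIANTS: Dict[str, Chain] = {
    # Single ACCEPT rule appended to a chain whose policy is still ACCEPT.
    "accept_only": Chain("ACCEPT", [ALLOW_A_1521]),
    # iptables -P INPUT DROP plus the ACCEPT rule.
    "policy_drop": Chain("DROP", [ALLOW_A_1521]),
    # ACCEPT for machine A followed by DROP for everyone else on 1521.
    "accept_then_drop": Chain("ACCEPT", [ALLOW_A_1521, DROP_ANY_1521]),
    # One negated rule: -s ! machine_A ... -j DROP.
    "negated_drop": Chain("ACCEPT", [
        Rule("DROP", src=MACHINE_A, negate_src=True, proto="tcp", dport=1521)]),
    # -s <host> -j ACCEPT with no port; assumes the rest is dropped.
    "host_wide_accept": Chain("DROP", [Rule("ACCEPT", src=MACHINE_A)]),
    # Same two rules as accept_then_drop, appended in the wrong order.
    "drop_then_accept": Chain("ACCEPT", [DROP_ANY_1521, ALLOW_A_1521]),
}

PROBES: Dict[str, Packet] = {
    "A->1521": Packet(MACHINE_A, "tcp", 1521),
    "other->1521": Packet(OTHER, "tcp", 1521),
    "A->22": Packet(MACHINE_A, "tcp", 22),
    "other->22": Packet(OTHER, "tcp", 22),
}


def decision_table() -> Dict[str, Dict[str, str]]:
    """Verdict of every variant for every probe connection."""
    return {name: {probe: chain.verdict(pkt) for probe, pkt in PROBES.items()}
            for name, chain in VARIANTS.items()}


if __name__ == "__main__":
    for name, row in decision_table().items():
        print(f"{name:18}", "  ".join(f"{p}={v}" for p, v in row.items()))
```

In this model only policy_drop and host_wide_accept close port 22 to other hosts, and drop_then_accept locks machine A out because the earlier DROP matches first.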
 
Old 10-20-2008, 02:47 PM
Ryan Golhar
 
Default Restrict access to a particular server.

Ah, didn't read the first part of the email. My bad.

 
Old 10-21-2008, 02:06 AM
"Sanjay Chakraborty"
 
Default Restrict access to a particular server.

Use tcpwrapper. Modify /etc/hosts.allow and /etc/hosts.deny. System
checks first allow list. Put IP there. Restart xinetd service. Hope it
will work for rhel 5 also.




--
Regards.
Sanjay Chakraborty
