Jeff Mcadams <jeffm@iglou.com> wrote
Thus spake pferraro@wna-linknet.com
Is there a way to deny access to the port, but allow only certain IPS to telnet to it?
I *think* this would work...would need to be an input filter of course...I *think* input filters filter data for packets destined for the system itself. I know IOS on cisco's doesn't do this, but I think the HiPer Arcs do. Keep in mind that to be sure, you'd also have to put this filter on all your dialup interfaces as well...
cisco does, you can apply an ACL to the vty's. eg: access-list 199 permit ip 10.216.0.0 0.0.0.255 any log-input access-list 199 deny ip any any log-input line vty 0 4 access-group 199 in now, does anyone know if the anti-spoof filters in hiper syslog? ^^; (I dont manage them myself) P ----* -- My words, my mail, my meaning. - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.