From: Panel V. <vp...@ax...> - 2002-06-18 14:45:46
|
Just a little note about this : It is highly recommended not to use dynamic IP adresses for any host = related to administration. It is too trivial to 1) attack DNS servers = when host authentication is based on hostnames and 2) use a valid IP = adress when host authentication is based on ranges of such adress. Webmin offers the possibility to authenticate users via certificate : = use this instead (of course you can combine ip restriction and user = authentication). I'm certainly not a security expert but I think these = are the basics. Vincent Panel. -----Original Message----- From: Jamie Cameron [mailto:jca...@we...] Sent: Tue 6/18/2002 1:38 AM To: web...@li... Cc:=09 Subject: Re: ip restriction Ian Forsyth wrote: > Hi, >=20 > concerning restricting ip access.. what is the accepted format for = wild > card.. for instance 155.144.%.. >=20 > I want to let only six ips through to administer the server.. though = three > of those ips are dynamic.. is this currently supported? what are the > possible formats? You can enter networks like 154.144.0.0/255.255.0.0 for an entire class = B network, or single IP addresses, or wildcard hostnames like *.foo.com. In your case, dynamic IPs could pose a problem unless you have hostnames associated with them. In that case, you could just enter the hostname into the 'IP Access Control' , and make sure the 'Resolve hostnames on every request' is selected. - Jamie -------------------------------------------------------------------------= --- Bringing you mounds of caffeinated joy >>> http://thinkgeek.com/sf <<< - Forwarded by the Webmin mailing list at = web...@li... To remove yourself from this list, go to http://lists.sourceforge.net/lists/listinfo/webadmin-list |