KpyM Telnet/SSH Server - Forum
Refuse Logins by IP address |
Michael Sheppard |
Refuse Logins by IP address |
Jun 06 2007 21:16 |
|
I would like to automatically log any machine in from certain IP addresses, but deny all others.
I have KTS service running to service barcode logins; however, if something accidentally connects to the Telnet Server it auto-logs in and takes-up a barcode application licence.
Is there a setting for this or another way? I tried the CONSC.exe to build a script - but this doesn't seem to run properly on my XP machine.
Thank you
Michael Sheppard
|
Kroum Grigorov |
|
Jun 07 2007 08:29 |
|
You can parameter KTS to autologin all telnet sessions and then check the ip address in allusers.bat file and terminate sessions that does not come from your ip.
You can do that by
1) set kts to autologin, you do that by setting these params in kts.ini
[code:1:89e01f66c9]default_user = "autologin user name here"
default_pass = "autologin password here"[/code:1:89e01f66c9]
set this to 0 to force kts to kill disconnected sessions
[code:1:89e01f66c9]allow_disconnected_sessions = 0[/code:1:89e01f66c9]
2)in telnet.ini disable ctrl+c signal
[code:1:89e01f66c9]ctrl_c_enabled = 0[/code:1:89e01f66c9]
3) change allusers.bat file to this (don't forget to change 127.0.0.1 with your ip)
[code:1:89e01f66c9]@echo off
if not "%kts_ip%" == "127.0.0.1" (
echo 127.0.0.1 connections only - will exit now
pause
exit
)[/code:1:89e01f66c9]
Kroum
|
Johan |
|
Oct 22 2007 06:37 |
|
Hi,
Will you consider to make this automatic?
So KTS needs the following additional entry:
ban_after_max_tries
then store the IP adress in a file, and on the next login and the IP is from the ban list, refuse to answer the host.
Also I like to chance the prompts for SSH logins.. :-)
Johan
|
Kroum Grigorov |
|
Oct 22 2007 20:41 |
|
> Will you consider to make this automatic?
Yes, I'm thinking of ading this in some future version. It's in my todo list from some time. These hacking attempts are really annoying :) .
> Also I like to change the prompts for SSH logins
You can't. The SSH protocol leaves the login prompt entirely to the client. The server has no control on this.
Kroum
|
Johan |
|
Oct 24 2007 06:03 |
|
Thanks for the answer..
They are indeed annoying, it must be something automatic, every day I have attempts like these..
3492 : 2976 2007-10-23 16:20:25 146 : 0: can't read login
1268 : 1376 2007-10-23 16:20:25 396 : 0: KTS connected to 203.115.112.3:38237
3524 : 3504 2007-10-23 16:20:26 117 : 0: connected to 203.115.112.3:38237
3524 : 3504 2007-10-23 16:20:26 157 : 0: ssh initialized
3492 : 3672 2007-10-23 16:20:27 249 : 0: shutdown
3492 : 3672 2007-10-23 16:20:27 249 : 0: session.exe end
3524 : 3504 2007-10-23 16:20:28 571 : 0: ssh.login.end
3524 : 3504 2007-10-23 16:20:28 571 : 0: user not in allowed list
3524 : 3504 2007-10-23 16:20:28 581 : 0: login refused: [ daniel ] - Aanmeldingsfout: onbekende gebruikersnaam of ongeldig wachtwoord.
3524 : 3504 2007-10-23 16:20:28 821 : 0: can't read login
1268 : 1376 2007-10-23 16:20:29 62 : 0: KTS connected to 203.115.112.3:45339
1224 : 1128 2007-10-23 16:20:29 783 : 0: connected to 203.115.112.3:45339
1224 : 1128 2007-10-23 16:20:29 813 : 0: ssh initialized
3524 : 3152 2007-10-23 16:20:30 824 : 0: shutdown
3524 : 3152 2007-10-23 16:20:30 824 : 0: session.exe end
1224 : 1128 2007-10-23 16:20:38 245 : 0: ssh.login.end
1224 : 1128 2007-10-23 16:20:38 245 : 0: user not in allowed list
1224 : 1128 2007-10-23 16:20:38 255 : 0: login refused: [ william ] - Aanmeldingsfout: onbekende gebruikersnaam of ongeldig wachtwoord.
etc.. must be something automatic?
|
any |
|
Apr 26 2019 05:50 |
|
was not able to get auto login to work please explain more for disabling user pass?
|
© 2007 - 2008 Kroum Grigorov