Question

* $alephe_tab/server_ip_allowed file has the following entries:

W A 10.1.235.*
W A 10.1.1.*
W A *.*.*.*

P A *.*.*.*
P A *.*.*.*

X A 192.168.6.*
X A 192.168.3.*
X A 192.168.2.*
X A *.*.*.*

We are concerned about the vulnerability of having the *.*.*.* entries and would like to remove them.
If we do this, how do we determine what IP addresses we need to put into this allow file?

Answer

P" (PC Server):
include all IP addresses of all PCs which need to access the servers, using the "*" wildcard as much as feasible
include all Ex Libris Firewall addresses to allow support - see 'Ex Libris offices IP addresses' (KB 23827)

"X" (X-Server)
check all software running at your site, the only IP addresses for "X-Server" should be your own internal addresses

"W" (WWW Server):
to allow access for everyone, you need to keep
"W A *.*.*.*

Category: System Management (500)

Subject: Server Tables (500)

• Article last edited: 10/8/2013