server_ip_allowed file: eliminating *.*.*.* entries
- Article Type: Q&A
- Product: Aleph
- Product Version: 20
Question
* $alephe_tab/server_ip_allowed file has the following entries:
W A 10.1.235.*
W A 10.1.1.*
W A *.*.*.*
P A *.*.*.*
P A *.*.*.*
X A 192.168.6.*
X A 192.168.3.*
X A 192.168.2.*
X A *.*.*.*
We are concerned about the vulnerability of having the *.*.*.* entries and would like to remove them.
If we do this, how do we determine what IP addresses we need to put into this allow file?
Answer
P" (PC Server):
include all IP addresses of all PCs which need to access the servers, using the "*" wildcard as much as feasible
include all Ex Libris Firewall addresses to allow support - see 'Ex Libris offices IP addresses' (KB 23827)
"X" (X-Server)
check all software running at your site, the only IP addresses for "X-Server" should be your own internal addresses
"W" (WWW Server):
to allow access for everyone, you need to keep
"W A *.*.*.*
Category: System Management (500)
Subject: Server Tables (500)
- Article last edited: 10/8/2013