On Wed, 26 Mar 2008, Nico Kadel-Garcia wrote:

> On 25 Mar, 09:12, Rob <r...@nothere.com> wrote:
>
>> Steve,
>>
>> what about using tcp_wrappers as to perform a "route delete" on the offending IP?
>>
>> If memory serves, there was a porting of tcp_wrapper for SCO OS5 on a TLS076a
>> on the FTP site:
>>
>> ftp://ftp.sco.com/pub/TLS/tls076a.tcp_wrappers.tar.Z
>>
>> Hope this helps!
>
> If our faithful here only needs SSH access from a small set of well-
> maintained sites, that might work well. However, if he has clients who
> use NAT on their ISP networks (such as AOL, which uses 10.* internal
> addresses), than the tcp_wrapper will block the NAT and everything
> behind the NAT server.

Then perhaps a VPN (such as OpenVPN) is a more appropriate solution for
remote access, instead of SSH (although SSH can be used over the VPN).

>