You'll need to modify the /etc/hosts.allow and /etc/host.deny files to restrict access to your machine. These files are used by the tcpd (tcp wrapper) and sshd programs to decide whether to accept a connection coming in from another IP address. ITC recommends that to start with, you restrict access to only network addresses that you know should be allowed access. These two example files allow connections from any address in the virginia.edu network domain, but no others.
Two files are used to by tcpd and sshd: hosts.allow and hosts.deny. The two configuration files are located in /etc.
Below is listed our suggestions for the content ed /etc/hosts.allow file, to permit connections to any services protected by the tcpd or sshd from only systems within the virginia.edu domain:
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# Only allow connections within the virginia.edu domain.
ALL: .virginia.edu
Below is our suggested /etc/hosts.deny file. With this configuration access to your machine from all hosts - except for those exceptions delimited in hosts.allow - is denied.
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# deny all by default, only allowing hosts or domains listed in hosts.allow.
ALL: ALL