RE: hosts.deny
Another thing might be services which don't use TCP Wrappers like sshd
compiled without the --with-libwrap option etc - these services won't care
what's in the hosts.* files.
Regards,
Marcin Pacyna
-----Original Message-----
From: Nathan [mailto:smurf@netutah.com]
Sent: Wednesday, September 06, 2000 3:19 PM
To: debian-isp@ghost.net.cfw.com
Cc: debian-isp
Subject: Re: hosts.deny
PARANOID does not mean "anyone" it means anyone who the reverse DNS lookup
fails on.
Trty:
hosts.allow:
ALL: X.X.X.X (replace as needed ;)
hosts.deny:
ALL: ALL
-Nathan
On Wed, 6 Sep 2000 debian-isp@ghost.net.cfw.com wrote:
> Hello ISPers,
> I have a question re: security.
> I my hosts.deny I have:
>
> # The PARANOID wildcard matches any host whose name does not match its
> # address.
> ALL: PARANOID
>
> Basically I am trying to deny all but one IP address to any service. Yet I
> wanted to test it by trying to open a ssh session to the machine and I can
> ssh in just fine. I was wondering what I was doing wrong in my
> host.deny. I have nothing in my host.allow also.
>
> Any advice appriciated.
>
> D. Ghost
>
> 'space ghost and debian ghost are one'
>
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
--
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com
Reply to: