A question about host...
apasselac at free.fr
Wed Sep 24 08:47:00 PDT 2003
[---- On Wed, 24 Sep, 2003 at 9:51, Payne wrote: ----]
> I am wanting to use host.allow and host.deny to make my box more secure.
> Is there a site that can explain how to use them.
If I remember well :
The lib libwrap.a corresponds to the famous name "tcp_wrappers".
This lib is designed to secure the access of some network services : xinetd,sshd,portmap, ...
Syntax of hosts_access files :
# Manage ALL tcp_wrapped services for the source address 192.168.1.2
# Manage the pop3 service for the source address corresponding to the name my.computer.fr
You can specify multiple services with the comma (pop3d, in.telnetd)
There is also the tag EXCEPT to specify an exception :
ALL: EXCEPT 220.127.116.11
Order of reading :
The tcp_wrapped network service will read before the hosts.allow and AFTRE the hosts.deny.
The current advice is to put the ALL:ALL in the hosts.deny
I hope it will help you.
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
[---- End of original mail from Payne ----]
"No guts No glory"
=] PASSELAC Armand [=
( @ @ )
Ingenieur Systemes-Reseaux & Securite
More information about the freebsd-questions