A question about host...
Armand Passelac
apasselac at free.fr
Wed Sep 24 08:47:00 PDT 2003
[---- On Wed, 24 Sep, 2003 at 9:51, Payne wrote: ----]
> Hi,
>
> I am wanting to use host.allow and host.deny to make my box more secure.
> Is there a site that can explain how to use them.
If I remember well :
The lib libwrap.a corresponds to the famous name "tcp_wrappers".
This lib is designed to secure the access of some network services : xinetd,sshd,portmap, ...
Syntax of hosts_access files :
service:host
examples :
# Manage ALL tcp_wrapped services for the source address 192.168.1.2
ALL: 192.168.1.2
# Manage the pop3 service for the source address corresponding to the name my.computer.fr
pop3d: my.computer.fr
You can specify multiple services with the comma (pop3d, in.telnetd)
There is also the tag EXCEPT to specify an exception :
ALL: EXCEPT 173.22.7.9
Order of reading :
The tcp_wrapped network service will read before the hosts.allow and AFTRE the hosts.deny.
The current advice is to put the ALL:ALL in the hosts.deny
I hope it will help you.
>
> Thanks,
>
> Pup
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
[---- End of original mail from Payne ----]
--
"No guts No glory"
=] PASSELAC Armand [=
( @ @ )
Ingenieur Systemes-Reseaux & Securite
ORBYTES INGENIERIE
More information about the freebsd-questions
mailing list