Incoming from Graham Monk:
> On Sunday 30 May 2004 14:20, s. keeling wrote:
> > known remote exploits. Lock down hosts.allow and hosts.deny.
>
> Thanks, lock down as in? Expert I'm not
For a simple user workstation box:
/etc/hosts.allow:
ALL: 127.0.0.1
/etc/hosts.deny:
ALL: ALL
Read those two files for an explanation of what they do. Mine mention
a couple of man pages you can read.
These are not magic bullets! Securing a machine takes a little bit of
everything including disabling daemons, ensuring updates are
installed, etc. If you don't need portmapper, turn it off. If you
need identd, install fauxident instead. If you can get away with
handing mail off to your ISP's mailhost, use ssmtp instead of a
fullblown MTA.
--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://www.spots.ab.ca/~keeling
- -
_______________________________________________
clug-talk mailing list
[EMAIL PROTECTED]
http://clug.ca/mailman/listinfo/clug-talk_clug.ca
