iTOOL wrote:
>
> If I make changes to the hosts.allow and hosts.deny files, do I have to
> rebbot for these changes to take effect or is there a service (such as
> INETD) that I need to kill and re-start?
Yes, you have to restart or hangup inetd. Like this:
prompt # killall -HUP inetd
That makes inetd reread its configuration files, including
hosts.allow and hosts.deny.
One thing you need to watch for, is that not all daemons
use inetd. Look in /etc/inetd.conf and you will see what
runs what. If you see something like
.... /etc/bin/inetd in.telnetd
then you know that telnet is running under inet. The way this
works is that when the request comes in for a telnet login,
what is started is NOT telnet, but inetd. Inetd then checks
its configuration files to see if the connection is allowed
for that port (hosts.deny hosts.allow), and if so, then it
spawns in.telnetd and hands things over to it.
Another gotcha is "in.telnetd". This is probably a link
or a startup file for the telnet program. In some cases,
due to modifications to the Linux system, the link is dead
and some other program actually listens on the port and
responds and inetd is ignored. It is best to check and
double check these things. Here on my servers I use
qmail and ncftpd, neither of which runs under inetd although
the ports are listed there as well (commented out in my case).
Play with things and verify them. What works well to do
this is to get a friend to give you a telnet account somewhere
and you can probe, poke and telnet into YOUR computer from
HIS.
--
Ramon Gandia --- Sysadmin --- http://www.nook.net
285 West 1st Avenue ISP for Western Alaska
P.O. Box 970 tel. 907-443-7575
Nome, Alaska 99762 fax. 907-443-2487
=======================================================
