Hosts.deny works with inetd and tcpwrappers. Any service that is handled by inetd and passed to tcpwrappers can be configured by restrictions in hosts.deny. I am not aware that any other processes use hosts.allow/hosts.deny, but if anyone else knows, please mention it. You may also wish to look into adding portsentry (www.psionic.com) to your firewall arsenal. It will sit in the backgrounk listening to all the ports for innapropriate packet behaviour, and drop the offending IP into hosts.deny, as well as killing the route either with the route command, or ipchains if you add the line to do so. --Greg ----- Original Message ----- From: "Zaleski, Matthew (M.E.)" <[EMAIL PROTECTED]> > My primary way of securing my home Linux box (which is on a wireless > broadband modem 24/7 and static ip) is to use ALL:ALL in my /etc/hosts.deny > file and then add specific, trusted, addresses to the hosts.allow file. I > also have an ipchains firewall running (it's a big one that I hand > configured). The subject line says it all. What services running on a > Linux box ignore the hosts.deny file and just listen on the ports for > activity? > > > Matthew Zaleski > R&VT Vehicle Dynamics > Ford Motor Company > Phone: (313) 248-9866, Fax: (313) 390-4833 > [EMAIL PROTECTED] > > ---------------------------------------------------------------------------- ---- > Keep in touch with http://mandrakeforum.com: > Subscribe the "[EMAIL PROTECTED]" mailing list. > ______________________________________________________________________________ Vous avez un site perso ? 2 millions de francs � gagner sur i(france) ! Webmasters : ZE CONCOURS ! http://www.ifrance.com/_reloc/concours.emailif
Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
