-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
engage wrote on Wed, Nov 27, 2002 at 12:26:44PM -0700 :
> That was my problem. I simply executed msec 3 from the CLI and that resolved
> this issue. But, it was my understanding from the installation instructions
> that msec 4 was a good choice if you are going to run servers. I didn't
> expect it to prevent access to the servers! What good is having that security
> level if no clients can access the servers? I'm glad I didn't try level 5!
Because you are are supposed to specifically allow which services you
want people to connect to in the hosts.deny file. I suggest that you
read up on tcp wrappers. The system reads in hosts.deny, but allows you
to override that with hosts.allow.
hosts.deny
ALL:ALL
hosts.allow
httpd:ALL
sshd:192.168.1.
Then the only two services that people can connect to are httpd and
sshd. You allow anyone to connect to httpd, but only people on the
local lan to connect to sshd. 'man hosts_access' for more information.
Instead of "192.168.1.", I could have also done
"192.168.1.0/255.255.255.0".
Blue skies... Todd
- --
MandrakeSoft USA http://www.mandrakesoft.com
Easy things should be easy, and hard things should be possible.
--Larry Wall
Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-0.4mdk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE95STXlp7v05cW2woRAnRTAKCXb1EO9eAKvPYoEZOkRXXYlQIodwCfa/04
c5SwL5mKcLbxZbIUZtgvMKo=
=jfA6
-----END PGP SIGNATURE-----
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
