-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
+++ John Joseph [linux-india] <25/10/01 05:34 -0700>:
> When I was trying to see the "/var/log/messages" ,
> I found this line "warning:/etc/hosts.allow, line 9:
> missing ":" seperator
> I found this type of line in the "/var/log/messages" ,
> I think I have not typed my hosts.allow file contents
> properly
> my "hosts.allow " contents are
> 200.100.50.1 pc1
> 200.100.50.2 pc2
That's the totally wrong format for hosts.allow - you are confusing
hosts.allow with /etc/hosts I think.
See this, for example.
#
# hosts.allow access control file for "tcp wrapped" applications.
# $FreeBSD: src/etc/hosts.allow,v 1.8.2.5 2001/08/30 16:02:37 dwmalone Exp $
#
# NOTE: The hosts.deny file is deprecated.
# Place both 'allow' and 'deny' rules in the hosts.allow file.
# See hosts_options(5) for the format of this file.
# hosts_access(5) no longer fully applies.
# _____ _ _
# | ____| __ __ __ _ _ __ ___ _ __ | | ___ | |
# | _| \ \/ / / _` | | '_ ` _ \ | '_ \ | | / _ \ | |
# | |___ > < | (_| | | | | | | | | |_) | | | | __/ |_|
# |_____| /_/\_\ \__,_| |_| |_| |_| | .__/ |_| \___| (_)
# |_|
# !!! This is an example! You will need to modify it for your specific
# !!! requirements!
# Start by allowing everything (this prevents the rest of the file
# from working, so remove it when you need protection).
# The rules here work on a "First match wins" basis.
#ALL : ALL : allow
# Wrapping sshd(8) is not normally a good idea, but if you
# need to do it, here's how
#sshd : .evil.cracker.example.com : deny
# Protect against simple DNS spoofing attacks by checking that the
# forward and reverse records for the remote host match. If a mismatch
# occurs, access is denied, and any positive ident response within
# 20 seconds is logged. No protection is afforded against DNS poisoning,
# IP spoofing or more complicated attacks. Hosts with no reverse DNS
# pass this rule.
ALL : PARANOID : RFC931 20 : deny
# Allow anything from localhost. Note that an IP address (not a host
# name) *MUST* be specified for portmap(8).
ALL : localhost 127.0.0.1 : allow
ALL : blackehlo.cluestick.org 202.153.41.190 : allow
# To use IPv6 addresses you must enclose them in []'s
ALL : [fe80::%fxp0]/10 : allow
ALL : [fe80::]/10 : deny
ALL : [3ffe:fffe:2:1:2:3:4:3fe1] : deny
ALL : [3ffe:fffe:2:1::]/64 : allow
# Sendmail can help protect you against spammers and relay-rapers
#sendmail : localhost : allow
#sendmail : .nice.guy.example.com : allow
#sendmail : .evil.cracker.example.com : deny
#sendmail : ALL : allow
# Exim is an alternative to sendmail, available in the ports tree
exim : localhost : allow
#exim : .nice.guy.example.com : allow
#exim : .evil.cracker.example.com : deny
exim : ALL : allow
# Portmapper is used for all RPC services; protect your NFS!
# (IP addresses rather than hostnames *MUST* be used here)
#portmap : 192.0.2.32/255.255.255.224 : allow
#portmap : 192.0.2.96/255.255.255.224 : allow
#portmap : ALL : deny
leafnode : localhost : allow
leafnode : ALL : deny
# Provide a small amount of protection for ftpd
#ftpd : localhost : allow
#ftpd : dsl092-042-136.lax1.dsl.speakeasy.net : allow
#ftpd : .evil.cracker.example.com : deny
#ftpd : ALL : allow
xinit : localhost : allow
#X11 : 202.153.41.190 : allow
xinit : ALL : deny
# You need to be clever with finger; do _not_ backfinger!! You can easily
# start a "finger war".
fingerd : ALL \
: spawn (echo Finger. | \
/usr/bin/mail -s "tcpd\: %u@%h[%a] fingered me!" root) & \
: deny
# The rest of the daemons are protected.
ALL : ALL \
: severity auth.info \
: twist /bin/echo "You are not welcome to use %d from %h."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: Finger mallet<@>efn.org for key
iD8DBQE72DdFRB4r9e3t77kRAsr1AKCO6CY/3GhJ8hZSMcOKHDSRTY5DIwCfWAS5
ISqAhqMXB0prSmToFnDyiMc=
=TuU9
-----END PGP SIGNATURE-----
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
