Could someone explain the point of /etc/hosts.allow in conjunction with
iptables? I'm just getting started playing with firewalls, so be nice.
Background: Feeling lucky, I decided to install Bastille over the
weekend. Imagine my surprise when I couldn't ssh to my machine even
though I explicitly allowed it in iptables. Apparently (by default??)
Bastille locks down /etc/hosts.allow so nothing comes in. To those who
don't know, apparently hosts.allow is consulted prior to iptables. So,
after making a quick addition of sshd to hosts.allow I'm able to get
back into my machine remotely. So in essence, I have every port blocked
on my computer (except ssh) twice; once from hosts.allow and once from
the iptables entries? If hosts.allow is already denying traffic, what's
the point of iptables? Do I even need iptables anymore? Couldn't I
effectively secure my machine by locking down all traffic in
/etc/hosts.allow with the exception of ssh?
Thanks for the insight....
--
Christopher Keller
Systems Engineer
BeamReach Networks -- Sunnyvale, CA