On 02 Aug 2001 17:28:08 -0500, Mikkel L. Ellertson wrote:
> On 2 Aug 2001, Christopher Keller wrote:
>
> >
> /etc/host.allow and /etc/hosts.deny are used by serverses launched by
> inetd (or xinetd), and by servers that are compiled with tcpwrappers.
> It is a second line of defence. Connections that make it through
> iptables still have to meat the requirments of /etc/hosts.allow and
> /etc/hosts.deny if they use tcpwrappers. It can come in very handy if
> you make a mistake setting up iptables. When you see messages in the
> logs about services being denied that should never have made it through
> the firewall, you know you have problems!
>
> As far as Bastile locking things down, it does tell you it is going to
> do it, and gives you the option of allowing services to be run. I used
> it on my firewall, as well as my servers. I find it to be a handy
> security mesure, but it will lock things down more then you may want if
> you let it configure things to the default configuration, instead of
> answering questions to tayler it to your system.
>
> Mikkel
> --
>
Thanks for the repsonses guys, I'll be playing more with it this
weekend.
--
Christopher Keller
Systems Engineer
BeamReach Networks -- Sunnyvale, CA
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
