On 10/25/2010 01:05 PM, James Gray wrote:
> On 25/10/2010, at 12:41 PM, Michael wrote:
>
>> On 10/22/2010 01:16 AM, Tapas Mishra wrote:
>>> I wanted to know if there is any place where people have shared these
>>> IPs which needs to be blocked I feel most of the time the entries must
>>> be common though not always.So if hosts.deny file is shared some where
>>> then give a link.(I do use auth.log to note IPs to block)
>>>
>>>
>> I have a bunch of entries in my hosts file with the 127.0.0.1 line
>> added. I have always seen the hosts.deny and hosts.allow files but
>> never know how to use them. When I google hosts.deny it says something
>> about blocking a range of IP addresses. Is it safe to assume that using
>> hosts.deny is more effective/better than just adding entries to the
>> hosts file?
> The /etc/hosts.{allow,deny} are part of tcp wrappers (ie, inetd/xinetd) and
> have very little to do with host resolution (which is what /etc/hosts is
> for). Normally, when I need to block an IP address I throw it at iptables
> (the firewall) which is the correct place for it in a lot of (read "most")
> situations.
>
Don't know what the general consensus is, but I've almost never really
used hosts.deny in real production. iptables just does everything I
need. OP might want to consider this
--
ubuntu-server mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
