Another thing might be services which don't use TCP Wrappers like sshd
compiled without the --with-libwrap option etc - these services won't care
what's in the hosts.* files.
Regards,
Marcin Pacyna
-----Original Message-----
From: Nathan [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 06, 2000 3:19 PM
To: [EMAIL PROTECTED]
Cc: debian-isp
Subject: Re: hosts.deny
PARANOID does not mean "anyone" it means anyone who the reverse DNS lookup
fails on.
Trty:
hosts.allow:
ALL: X.X.X.X (replace as needed ;)
hosts.deny:
ALL: ALL
-Nathan
On Wed, 6 Sep 2000 [EMAIL PROTECTED] wrote:
> Hello ISPers,
> I have a question re: security.
> I my hosts.deny I have:
>
> # The PARANOID wildcard matches any host whose name does not match its
> # address.
> ALL: PARANOID
>
> Basically I am trying to deny all but one IP address to any service. Yet I
> wanted to test it by trying to open a ssh session to the machine and I can
> ssh in just fine. I was wondering what I was doing wrong in my
> host.deny. I have nothing in my host.allow also.
>
> Any advice appriciated.
>
> D. Ghost
>
> 'space ghost and debian ghost are one'
>
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]
>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]
-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
