On Wednesday 27 November 2002 01:02 pm, you wrote:
> engage wrote on Wed, Nov 27, 2002 at 12:26:44PM -0700 :
> > That was my problem. I simply executed msec 3 from the CLI and that
> > resolved this issue. But, it was my understanding from the installation
> > instructions that msec 4 was a good choice if you are going to run
> > servers. I didn't expect it to prevent access to the servers! What good
> > is having that security level if no clients can access the servers? I'm
> > glad I didn't try level 5!
>
> Because you are are supposed to specifically allow which services you
> want people to connect to in the hosts.deny file.  I suggest that you
> read up on tcp wrappers.  The system reads in hosts.deny, but allows you
> to override that with hosts.allow.
>
> hosts.deny
> ALL:ALL
>
> hosts.allow
> httpd:ALL
> sshd:192.168.1.
>
> Then the only two services that people can connect to are httpd and
> sshd.  You allow anyone to connect to httpd, but only people on the
> local lan to connect to sshd.  'man hosts_access' for more information.
> Instead of "192.168.1.", I could have also done
> "192.168.1.0/255.255.255.0".
>
> Blue skies...                 Todd

I tried that, it didn't work - even after a network restart and then I tried 
a reboot - hosts.allow still didn't overide hosts.deny.


Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Reply via email to