Dear Jason and friends:
Here is my configuration of /etc/hosts.deny and /etc/hosts.allow. Please
not that it's in all caps and make sure you configure the right file.
And, of course, you have to be root to configure it.
1)
[sher@sher sher]$ cat /etc/hosts.deny
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!
#
ALL : ALL
[sher@sher sher]$
2)
[sher@sher sher]$ cat /etc/hosts.allow
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
#
ALL : LOCAL
[sher@sher sher]$
What this means is obvious: In the first example, everybody is denied
access to your system. In the second example, only local users (i.e.
yourself) are allowed to use your system. This, I understand, is the
most basic way to secure your system, and it will handle most security
threats. I hope one of our gurus can elaborate on this.
Benjamin
--
Benjamin and Anna Sher
[EMAIL PROTECTED]
Sher's Russian Web
http://www.websher.net
