Mark,
Please straighen me out:
Mark Weaver wrote:
>
> The hosts.deny file is a file that Portsentry uses to keep track of ip
> addresses of machines that have scanned your machine's ports and tried to
> gain access to your machine.
ai4a says that his hosts.deny file contains "ALL: ALL: DENY". Doesn't
that mean that no one can log into his machine unless they are
specifically mentioned in the hosts.allow file? (And regardless of
whether portsentry is running or not?)
I was planning to set up an HTTP server on my local LAN and use the
hosts.deny file to disallow all access except from workstations on my
LAN which would be listed in hosts.allow.
(Aside: My LAN is behind a dos iproute "gateway" with limited access
rules -- basically it can receive responses to packets it sends out, but
does not accept unsolicted packets.)
Am I still leaving myself open to attacks? Won't the hosts.deny /
hosts.allow protect me even without the iproute gateway?
Thanks,
Randy Kramer
