From: Jack Bowling <jbinpg@shaw.ca>
To: netfilter@lists.samba.org
Subject: Re: hosts.deny
Date: Sun, 07 Jul 2002 16:51:15 -0700 [thread overview]
Message-ID: <0GYW00K53KXH59@l-daemon> (raw)
In-Reply-To: <20020707230435.FXCG2755.mta05-svc.ntlworld.com@there>
** Reply to message from Antony Stone <Antony@Soft-Solutions.co.uk> on Mon, 08 Jul 2002 00:04:34 +0100
> On Sunday 07 July 2002 11:54 pm, Dennis Cardinale wrote:
>
> > When running a netfilter firewall, is there any reason to continue using
> > the hosts.deny and hosts.allow files, or is this just superfluous?
>
> hosts.allow can still be useful to specify a command to run when a connection
> comes in (eg to provide some special logging ?), but these files don't add
> any security to a decently configured netfilter setup.
Beg to differ. /etc/hosts.deny allows access tuning of services that are set wide open on the firewall, ssh being a prime example.
jb
--
Jack Bowling
mailto: jbinpg@shaw.ca
next prev parent reply other threads:[~2002-07-07 23:51 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-07-07 22:54 hosts.deny Dennis Cardinale
2002-07-07 23:04 ` hosts.deny Antony Stone
2002-07-07 23:51 ` Jack Bowling [this message]
2002-07-07 23:59 ` hosts.deny Antony Stone
2002-07-08 1:50 ` hosts.deny Jack Bowling
2002-07-08 13:09 ` hosts.deny Ian C. Sison
2002-07-08 12:07 ` hosts.deny Matthew Hellman
-- strict thread matches above, loose matches on Subject: below --
2002-07-07 23:03 hosts.deny George Vieira
2002-07-07 23:20 ` hosts.deny Martin Tomasek
2002-07-07 23:24 hosts.deny George Vieira
2002-07-07 23:29 ` hosts.deny Antony Stone
2002-07-07 23:33 ` hosts.deny Ed Street
2002-07-07 23:38 ` hosts.deny Antony Stone
2002-07-07 23:48 ` hosts.deny Ed Street
2002-07-07 23:57 ` hosts.deny Antony Stone
2002-07-08 0:01 ` hosts.deny Ed Street
2002-07-08 0:11 ` hosts.deny Antony Stone
2002-07-08 2:27 ` hosts.deny Ed Street
2002-07-08 2:33 ` hosts.deny Antony Stone
2002-07-08 2:35 ` hosts.deny Ed Street
2002-07-07 23:36 hosts.deny George Vieira
2002-07-07 23:43 ` hosts.deny Antony Stone
2002-07-07 23:49 ` hosts.deny Ed Street
2002-07-07 23:55 ` hosts.deny Antony Stone
2002-07-08 0:14 ` hosts.deny Martin Tomasek
2002-07-08 0:22 ` hosts.deny Antony Stone
2002-07-07 23:58 hosts.deny George Vieira
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0GYW00K53KXH59@l-daemon \
--to=jbinpg@shaw.ca \
--cc=netfilter@lists.samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.