From owner-freebsd-stable Wed Aug 2 15:31:51 2000 Delivered-To: freebsd-stable@freebsd.org Received: from fnal.gov (heffalump.fnal.gov [131.225.9.20]) by hub.freebsd.org (Postfix) with ESMTP id C66DB37C56F for ; Wed, 2 Aug 2000 15:31:44 -0700 (PDT) (envelope-from zingelman@fnal.gov) Received: from nova.fnal.gov ([131.225.18.207]) by smtp.fnal.gov (PMDF V6.0-24 #44770) with ESMTP id <0FYO00JJ2RWSXU@smtp.fnal.gov> for freebsd-stable@FreeBSD.ORG; Wed, 02 Aug 2000 17:31:40 -0500 (CDT) Received: from localhost (tez@localhost) by nova.fnal.gov (8.9.3+Sun/8.9.1) with ESMTP id RAA16858; Wed, 02 Aug 2000 17:31:38 -0500 (CDT) Date: Wed, 02 Aug 2000 17:31:38 -0500 (CDT) From: Tim Zingelman Subject: Re: telnet connection refused from IP outside subnet In-reply-to: <200008021743.LAA92777@harmony.village.org> X-Sender: tez@nova.fnal.gov To: Warner Losh Cc: Mike Hoskins , plamendp@bgstore.com, freebsd-stable@FreeBSD.ORG Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII X-Authentication-warning: nova.fnal.gov: tez owned process doing -bs Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > : comment out the PARANOID line in /etc/hosts.allow? > : #ALL : PARANOID : RFC931 20 : deny > Yes. This PARANOID option is really quite silly since RFC 931 is > useless outside of your own administrative domain and off dubious > value inside it. Best to leave it commented out. > Warner The RFC931 part may be silly, but the PARANOID part keeps out any ip address that does not reverse DNS to a name. We find that useful. - Tim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message