From owner-freebsd-questions  Mon May 28 11:56:43 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from camel.kdsi.net (camel.kdsi.net [206.103.113.218])
	by hub.freebsd.org (Postfix) with ESMTP id A250537B422
	for <freebsd-questions@FreeBSD.ORG>; Mon, 28 May 2001 11:56:38 -0700 (PDT)
	(envelope-from tony@camel.kdsi.net)
Received: from dw35617 (cras77p163.navix.net [216.170.36.165])
	by camel.kdsi.net (8.11.1/8.11.3) with SMTP id f4SIxIN90066;
	Mon, 28 May 2001 13:59:18 -0500 (CDT)
	(envelope-from tony@camel.kdsi.net)
Message-ID: <002b01c0e7a8$33b81d40$a524aad8@dw35617>
From: "Tony Wells" <tony@camel.kdsi.net>
To: "Lee Mark Mercado" <mercadolee@hotmail.com>,
	<freebsd-questions@FreeBSD.ORG>
References: <F62Odutox7nyeKzGZuN0000f396@hotmail.com>
Subject: Re: blocking IPs
Date: Mon, 28 May 2001 13:58:33 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Someone mentioned off-list that /etc/hosts.allow might be easier for a
newbie to setup, which I agree it is.  The problem is it only controls
access to services that are started by inetd.  If you wonder what those
services are check /etc/inetd.conf.  (Also a good starting place to enact a
security policy, turn off stuff you don't really need.)

If you want to control access to services not started by inetd a
firewall/packet filter is the best choice.  Getting one started can be a bit
daunting, the book from O'Reilly is pretty good.  Just remember if screw up
your firewall rules you can lock out net access to the box, so it's best to
be at a console when you're getting started.

Whichever you, chose good luck.
----- Original Message -----
From: "Lee Mark Mercado" <mercadolee@hotmail.com>
To: <freebsd-questions@FreeBSD.ORG>
Sent: Sunday, May 27, 2001 12:31 PM
Subject: blocking IPs


> how do i block certain IP's in accessing my freeBSD BOX ? which file
should
> i edit ?
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message