Date: Mon, 28 May 2001 16:28:04 -0700 From: Doug Barton <DougB@DougBarton.net> To: Tony Wells <tony@camel.kdsi.net> Cc: Lee Mark Mercado <mercadolee@hotmail.com>, freebsd-questions@FreeBSD.ORG Subject: Re: blocking IPs Message-ID: <3B12DF04.E2A8AF7@DougBarton.net> References: <F62Odutox7nyeKzGZuN0000f396@hotmail.com> <002b01c0e7a8$33b81d40$a524aad8@dw35617>
next in thread | previous in thread | raw e-mail | index | archive | help
Tony Wells wrote: > > Someone mentioned off-list that /etc/hosts.allow might be easier for a > newbie to setup, which I agree it is. The problem is it only controls > access to services that are started by inetd. That is not true on FreeBSD. At minimum it also allows control of the sshd that comes with the system. A firewall is a better choice for overall security, but if all the ports you actually have open are available to be controlled by hosts.allow, IMO you're at least 80% there, and that is sufficient for most desktop users. Doug To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B12DF04.E2A8AF7>