Date: Tue, 2 Feb 1999 19:06:55 -0500 From: "Norman C. Rice" <nrice@emu.sourcee.com> To: Binh Nguyen <Binh@asu.edu> Cc: freebsd-security@FreeBSD.ORG Subject: Re: hosts.allow and deny! Message-ID: <19990202190654.B16927@emu.sourcee.com> In-Reply-To: <Pine.GSO.3.96.990202112911.8764A-100000@ai.asu.edu>; from Binh Nguyen on Tue, Feb 02, 1999 at 11:31:40AM -0700 References: <Pine.GSO.3.96.990202112911.8764A-100000@ai.asu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 02, 1999 at 11:31:40AM -0700, Binh Nguyen wrote: > Hi! > > I want to ask a question. Is there a way on Freebsd2.2.8 that I could > implement the hosts.allow and hosts.deny, so no one could access my server > without being addin the hosts.allow. Just put "ALL: ALL" in /usr/local/etc/hosts.deny for a default policy of denying everyone access to all wrapped services. Grant service access by adding an appropriate entry in /usr/local/etc/hosts.allow. > Also, is there a good admin tool for system security such ask monitors > the system, or any tools that help on how to do hosts.allow and hosts.deny. tcpdchk(8) will check your tcp_wrappers configuration. tcpdmatch(8) will let you check how tcp_wrappers will respond to a specific request for service. `man 5 hosts_access' and `man 5 hosts_options' should provide you with more information on how to configure the access control files. There are several security-related monitors in the ports, e.g., arpwatch, smurflog, sniff, and sentry. You might also want to read the FreeBSD Security How-To at http://www.freebsd.org/~jkb/howto.html -- Regards, Norman C. Rice, Jr. > Thanks > > Binh Nguyen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990202190654.B16927>