Thursday, May 8, 2014

TCP Wrappers Security

TCP Wrappers access-list rules go in two files: /etc/hosts.allow and /etc/hosts.deny.

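Work precedence:

1. /etc/hosts.allow is checked first. If a matching rule is found, access is allowed and step 2 is skipped. If no match is found, go to step 2.
2. /etc/hosts.deny is checked next. If a matching rule is found, access is denied. If no match is found, access is allowed.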

Points to remember

You can have only one rule per service in the hosts.allow and hosts.deny files.
Any change to hosts.allow or hosts.deny takes effect immediately.
The last line in hosts.allow and hosts.deny must end with a newline character, or else the rule will fail.

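# net/mask form: matches when (client address AND mask) equals the net part,
# so the net part must be the network address
ALL : 192.168.0.0/255.255.255.0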
sshd : ALL EXCEPT 192.168.0.15
in.telnetd : 192.168.5.5 : deny
in.telnetd : 192.168.5.6 : allow
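
The lookup order and rule syntax above, modelled as an added Python example (not part of the original post). The function names and the `ALL : ALL` hosts.deny line are assumptions, only IPv4 patterns are handled, and the first rule uses the network address 192.168.0.0 because a net/mask pattern matches only when the client address ANDed with the mask equals the net part.

```python
import ipaddress

def host_matches(pattern, ip):
    """Client pattern: ALL, a literal IPv4 address, or net/mask."""
    if pattern == "ALL":
        return True
    if "/" in pattern:
        # hosts_access(5): match when (address AND mask) equals net
        net, mask, addr = (int(ipaddress.IPv4Address(x)) for x in (*pattern.split("/"), ip))
        return addr & mask == net
    return pattern == ip

def list_matches(tokens, value, match):
    """Evaluate a token list, honouring 'a b EXCEPT c d'."""
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return (list_matches(tokens[:i], value, match)
                and not list_matches(tokens[i + 1:], value, match))
    return any(match(t, value) for t in tokens)

def first_match(text, daemon, ip):
    """Option of the first matching rule ('' if none given), or None."""
    for line in text.splitlines():
        fields = [f.strip() for f in line.split(":")]
        if line.startswith("#") or len(fields) < 2:
            continue
        daemons, clients = (f.replace(",", " ").split() for f in fields[:2])
        if (list_matches(daemons, daemon, lambda p, d: p in ("ALL", d))
                and list_matches(clients, ip, host_matches)):
            return fields[2].lower() if len(fields) > 2 else ""
    return None

def check_access(allow_text, deny_text, daemon, ip):
    """hosts.allow first, then hosts.deny; no match in either grants access."""
    for text, default in ((allow_text, True), (deny_text, False)):
        option = first_match(text, daemon, ip)
        if option is not None:
            return {"allow": True, "deny": False}.get(option, default)
    return True

# Constructed sample files, built from the rules on this page
ALLOW = """ALL : 192.168.0.0/255.255.255.0
sshd : ALL EXCEPT 192.168.0.15
in.telnetd : 192.168.5.5 : deny
in.telnetd : 192.168.5.6 : allow
"""
DENY = "ALL : ALL\n"
```

With the rules in this order, sshd from 192.168.0.15 is still allowed, because the first rule matches before the EXCEPT rule is read; an exclusion has to sit above any broader rule that covers the same client.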
