On Tue, 27 Feb 2001 13:41:04 +0100 (MET), you wrote:
Hi,
at home I use a modem connection to my provider and up to now have tcpd installed to do basic access restrictions. So my /etc/hosts.deny forbids in principle everything to the outside world.
Is it really necessary to use instead a firewall for such dial-up connections?
Which arguments could you find from Security point of view???
Actually I'd prefer to stick with this simple solution, but maybe someone has convincing arguments against this approach...
Basically for tcpd to take effect the "protected" service need to be: 1) Compiled against libwrap (standalone method) or 2) use tcpd command in /etc/inetd.conf (ined method) Nevertheless a fw always take effect if it's correctly configured (you can use a deny default policy, eg). Why don't you use both (fw & tcpd)? =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ** RoMaN SoFt / LLFB ** roman@madrid.com http://pagina.de/romansoft ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~