[SLE] hosts.deny sysntax?
Do you just put the ip like xxx.xxx.xxx.xxx in the hosts.deny file?anything needed to reload/restart? can you do ban like a whole subnet? There is notting in my hosts.deny and I'm a little bit too much in a hurry to track this info on my own. So please someone... Joakim -- -------------------------------------------------------------------------------------------- If I wouldn't have to accept the (f)act of being a human... I would just love the (f)act of being a god! -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Joakim Schramm wrote:
Do you just put the ip like
xxx.xxx.xxx.xxx
in the hosts.deny file?anything needed to reload/restart?
can you do ban like a whole subnet? There is notting in my hosts.deny and I'm a little bit too much in a hurry to track this info on my own.
IMHO change hosts.deny to ALL:ALL then add the ips you want to give access to to hosts.allow I think you need to restart inetd Nick -- -------------------------------------------------- Nick Zentena "Microsoft has unjustifiably jeopardized the stability and security of the operating system." U.S. District Judge Thomas Penfield Jackson Nov 5/1999 -------------------------------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
to deny access to all ip's all services, hosts.deny ALL:ALL then specifically allow in hosts.allow in.telnetd: jim@somedomain.com in.ftpd: joe@somedomain.com ps aux | grep inetd (for pid of inetd) kill -HUP (pid of inetd) This will allow jim from somedomain.com to telnet in and joe from somedomain.com to ftp in...hope this helps... Cliff Pankonien System Administrator Delaware.Net, Inc. http://www.delaware.net E: cliff@delaware.net P: 302.736.5515 ICQ: 5486073 Visit our Tucows Linux mirror at http://delaware.linux.tucows.com On Mon, 14 Feb 2000, Nick Zentena wrote:
Joakim Schramm wrote:
Do you just put the ip like
xxx.xxx.xxx.xxx
in the hosts.deny file?anything needed to reload/restart?
can you do ban like a whole subnet? There is notting in my hosts.deny and I'm a little bit too much in a hurry to track this info on my own.
IMHO change hosts.deny to ALL:ALL
then add the ips you want to give access to to hosts.allow
I think you need to restart inetd
Nick -- -------------------------------------------------- Nick Zentena "Microsoft has unjustifiably jeopardized the stability and security of the operating system." U.S. District Judge Thomas Penfield Jackson Nov 5/1999 --------------------------------------------------
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
opps. that should have been jim.somedomains.com and joe.somedomain.com... Cliff Pankonien System Administrator Delaware.Net, Inc. http://www.delaware.net E: cliff@delaware.net P: 302.736.5515 ICQ: 5486073 Visit our Tucows Linux mirror at http://delaware.linux.tucows.com On Mon, 14 Feb 2000, Cliff Pankonien wrote:
to deny access to all ip's all services,
hosts.deny
ALL:ALL
then specifically allow in hosts.allow
in.telnetd: jim@somedomain.com in.ftpd: joe@somedomain.com
ps aux | grep inetd (for pid of inetd)
kill -HUP (pid of inetd)
This will allow jim from somedomain.com to telnet in and joe from somedomain.com to ftp in...hope this helps...
Cliff Pankonien System Administrator Delaware.Net, Inc. http://www.delaware.net E: cliff@delaware.net P: 302.736.5515 ICQ: 5486073
Visit our Tucows Linux mirror at http://delaware.linux.tucows.com
On Mon, 14 Feb 2000, Nick Zentena wrote:
Joakim Schramm wrote:
Do you just put the ip like
xxx.xxx.xxx.xxx
in the hosts.deny file?anything needed to reload/restart?
can you do ban like a whole subnet? There is notting in my hosts.deny and I'm a little bit too much in a hurry to track this info on my own.
IMHO change hosts.deny to ALL:ALL
then add the ips you want to give access to to hosts.allow
I think you need to restart inetd
Nick -- -------------------------------------------------- Nick Zentena "Microsoft has unjustifiably jeopardized the stability and security of the operating system." U.S. District Judge Thomas Penfield Jackson Nov 5/1999 --------------------------------------------------
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Mon, 14 Feb 2000, Joakim Schramm wrote:
<-]Date: Mon, 14 Feb 2000 21:21:03 +0100
<-]From: Joakim Schramm
Hi.
At 21:21 on 14 Feb 00, Joakim Schramm begun to yabber about "[SLE] hosts.deny sysntax?"
Date sent: Mon, 14 Feb 2000 21:21:03 +0100
From: Joakim Schramm
Do you just put the ip like
xxx.xxx.xxx.xxx
in the hosts.deny file?anything needed to reload/restart?
You will have to restart inetd like this: /etc/rc.d/inetd stop /etc/rc.d/inetd start or /etc/rc.d/inetd restart That will make inetd reload your hosts files and use them for future future connections. Cya Matthew Matthew King: Network Engineer, Cable & Wireless Optus. My ICQ#: 2342475 Message me! Cellular Phone: +61 415 257 516 041 525 7516 (Inside .au) Home e-mail: nerd@zip.com.au Work e-mail: Matthew.King@cwo.net.au Homepage: http://www.zip.com.au/~nerd/ -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GIT d+ s: a--- C++++ UL++++ P+ L+++ E---- W++ N++ o++ K w O- M- V- PS+ PE Y+ PGP- t+ 5++++ X++ R+ tv++ b+++ DI+++++ D++ G+++ e* h* r++ y+ ------END GEEK CODE BLOCK------ -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
OK, thanks a lot to you all. I have got a good base for a decision of my own. Joakim Joakim Schramm skrev:
Do you just put the ip like
xxx.xxx.xxx.xxx
in the hosts.deny file?anything needed to reload/restart?
can you do ban like a whole subnet? There is notting in my hosts.deny and I'm a little bit too much in a hurry to track this info on my own.
So please someone...
Joakim -- -------------------------------------------------------------------------------------------- If I wouldn't have to accept the (f)act of being a human... I would just love the (f)act of being a god!
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- -------------------------------------------------------------------------------------------- If I wouldn't have to accept the (f)act of being a human... I would just love the (f)act of being a god! -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
participants (5)
-
cliff@delaware.net -
joakim@humanet.se -
nbea@ecn.ulaval.ca -
nerd@zip.com.au -
zentena@hophead.dyndns.org