[TriLUG] Hostsallow, hostsdeny question

Alan Porter porter at trilug.org
Wed Mar 19 10:26:39 EDT 2008


> The firestarter event log has ME getting paranoid.

Note that hosts.allow and hosts.deny are only used by programs that
are linked with libwrap (xinetd is, lots of other server apps are).
Some applications may just be listening on external interfaces without
checking hosts.allow/deny.

If you're truly paranoid, make sure your firewall rules are tight.
Use SSH keys instead of passwords [1].  And you might even want to
install "knock", a very easy-to-use port knocking client and server.

Alan


[1] $ cat /etc/ssh/sshd_config
PermitRootLogin yes
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
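
To find which listening daemons the libwrap caveat above applies to, this added example (not part of the original post) lists TCP listeners from `ss` and checks each binary with `ldd`. It assumes a Linux host with iproute2's `ss` and a mounted /proc; the function names are illustrative.

```shell
#!/bin/sh
# Added example: which listening daemons are linked against libwrap?
# Only those can consult /etc/hosts.allow and /etc/hosts.deny themselves.

# Read `ldd` output on stdin; succeed if libwrap is among the libraries.
links_libwrap() {
    grep -q 'libwrap\.so'
}

# Read `ss -Hltnp` output on stdin; print unique "pid name" pairs.
listener_pids() {
    grep -o '("[^"]*",pid=[0-9]*' |
        sed 's/^("\([^"]*\)",pid=\([0-9]*\)$/\2 \1/' |
        LC_ALL=C sort -u
}

# Classify one binary: wrapped, not-wrapped, or unknown
# (ldd failed: missing file, static binary, or no ldd available).
classify_binary() {
    out=$(ldd "$1" 2>/dev/null) || { echo unknown; return; }
    if printf '%s\n' "$out" | links_libwrap; then
        echo wrapped
    else
        echo not-wrapped
    fi
}

# Live report. Run as root so ss and /proc show every process.
report() {
    ss -Hltnp 2>/dev/null | listener_pids | while read -r pid name; do
        exe=$(readlink "/proc/$pid/exe" 2>/dev/null) || continue
        printf '%-8s %-16s %s\n' "$pid" "$name" "$(classify_binary "$exe")"
    done
}

if [ "${1:-}" = "--report" ]; then report; fi
```

Linking libwrap is a prerequisite, not proof that the daemon calls it for every connection; anything reported as not-wrapped or unknown has to be restricted by firewall rules instead.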





