Re: [ILUG] hosts.allow + hosts.deny

From: bobb at domain redbrick.dcu.ie
Date: Mon 31 Jul 2000 - 01:33:20 IST


SP K hath declared on Friday the 28 day of July 2000 :-:

*Wow* you truly are getting great value for money out of this list....
Though I am curious how much searching and RTFMing you do...
Purely in the interests of "Teach a man to fish", did you read the
hosts.allow(5) man page ? Search google / www.linuxdoc.org ?
Granted, you may have to do more reading, and it could take longer
to find the answer, but by-golly you're a lot more likely to remember....

You never know when this list may run out as a source of answers
for you...

> hi again, i have the usual recommended entry in my
> /etc/hosts.deny as ALL: ALL , but i want to know about
> , the entries in /etc/hosts.allow , are they allowing
> connections _from_ or _to_ my box ?? , for example by

hosts.allow and hosts.deny are config files for tcp_wrappers, tcpd(8).
tcpd is a wrapper programme for services that you run on your box.
You have to specify in inetd.conf that the service is to be wrapped by tcpd.

ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd -l -a
becomes...
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

This is probably standard with most distros at this stage....

When something attempts to connect to port 21, inetd starts tcpd which
looks at its config files to decide whether they can connect, if so,
it passes the connection on to the ftp daemon...

> denying everything does this mean that people can't ftp
> to me ?

Yup, assuming ftpd is wrapped by tcpd...

> do i have to put an ftp entry in
> /etc/hosts.allow to allow people to ftp to me ?

Yup...

IN.FTPD : .mydomain.com

have a gander at hosts_access(5) and hosts_options(5) for weird things you can
do to determine who is allowed to connect...

> AND also if i want to run some sort of server that
> isn't listed in /etc/inetd.conf do i have to put this
> in /etc/hosts.allow also ? , thanks
 
Um, memory is a bit hazy here, I _think_ you have to wrap them with inetd.
Go have a root around and tell us what you discover ;-)

-- 
Robert "bobb" Crosbie.
System Administrator, Internet Ireland.
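
The access decision discussed in the message above, as an added example that is not part of the original post: a simplified Python model of how tcpd evaluates hosts.allow before hosts.deny, using the two rules quoted in the thread. The client host names and all function names are constructed for illustration.

```python
# Added example: simplified model of the tcpd access check (hosts_access(5)).
# ALL, exact names and leading-dot domains only; no EXCEPT, netmasks or options.

HOSTS_ALLOW = "IN.FTPD : .mydomain.com\n"   # rule from the message
HOSTS_DENY = "ALL: ALL\n"                   # rule from the message


def parse_rules(text):
    """Return [(daemon_patterns, client_patterns)] for each rule line."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) >= 2:  # malformed lines are skipped in this model
            rules.append(tuple(f.replace(",", " ").split() for f in fields[:2]))
    return rules


def matches(pattern, value):
    """Match one pattern against a daemon name or client host name."""
    p, v = pattern.lower(), value.lower()  # case-insensitive in this model
    if p == "all":
        return True
    if p.startswith("."):
        return len(v) > len(p) and v.endswith(p)
    return p == v


def table_matches(rules, daemon, client):
    return any(any(matches(d, daemon) for d in daemons)
               and any(matches(c, client) for c in clients)
               for daemons, clients in rules)


def tcpd_decision(allow_text, deny_text, daemon, client):
    """hosts.allow is checked first, then hosts.deny; no match means allow."""
    if table_matches(parse_rules(allow_text), daemon, client):
        return "allow"
    if table_matches(parse_rules(deny_text), daemon, client):
        return "deny"
    return "allow"


if __name__ == "__main__":
    # Constructed client host names, not from the original message.
    for d, c in [("in.ftpd", "pc1.mydomain.com"), ("in.ftpd", "host.example.net")]:
        print(d, c, tcpd_decision(HOSTS_ALLOW, HOSTS_DENY, d, c))
```

With an empty hosts.deny the same outside client is allowed, which is why the ALL: ALL entry matters as the default-deny backstop.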

