/etc/hosts.allow syntax help - Ubuntu


  1. /etc/hosts.allow syntax help

    I have leafnode running on my Ubuntu 6.06 LTS box and I have several
    Virtual Machines that I boot up to play with occasionally.

    Per the initial setup for leafnode, in /etc/hosts.allow I have:

    leafnode: 127.0.0.1

    If I change the above to

    leafnode: ALL

    The VM can attach to the leafnode server via telnet. I have tried:

    leafnode: 127.0.0.1, xxx.xxx.xxx.xxx

    and

    leafnode: 127.0.0.1
    leafnode: xxx.xxx.xxx.xxx

    where the xxx is another local IP address on the network, and neither of
    the above allow the other machine to connect.

    The man pages were a little too cryptic apparently to give me the clue I
    needed so any hints would be appreciated.

    --
    David
    The Usenet Improvement Project: http://blinkynet.net/comp/uip5.html

    A couch is as good as a chair.

  2. Re: /etc/hosts.allow syntax help

    SINNER wrote:

    > I have leafnode running on my Ubuntu 6.06 LTS box and I have several
    > Virtual Machines that I boot up to play with occasionally.
    >
    > Per the initial setup for leafnode, in /etc/hosts.allow I have:
    >
    > leafnode: 127.0.0.1
    >
    > If I change the above to
    >
    > leafnode: ALL
    >
    > The VM can attach to the leafnode server via telnet. I have tried:
    >
    > leafnode: 127.0.0.1, xxx.xxx.xxx.xxx
    >

    try dropping the comma and make the line look like this ...

    leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW

    to be safe, if you haven't, end with ...

    leafnode: ALL: DENY

    Cheers.


    > and
    >
    > leafnode: 127.0.0.1
    > leafnode: xxx.xxx.xxx.xxx
    >
    > where the xxx is another local IP address on the network, and neither of
    > the above allow the other machine to connect.
    >
    > The man pages were a little too cryptic apparently to give me the clue I
    > needed so any hints would be appreciated.
    >


    --

    Proprietary Software: a 20th Century software business model.
    Intelligent and helpful Windoze error messages: http://tinyurl.com/2ks5dz






  3. Re: /etc/hosts.allow syntax help

    * NoStop wrote in alt.os.linux.ubuntu:

    [...]

    >> leafnode: 127.0.0.1, xxx.xxx.xxx.xxx


    > try dropping the comma and make the line look like this ...


    > leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW


    > to be safe, if you haven't, end with ...


    > leafnode: ALL: DENY


    On the same line or beneath it:

    1:
    leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW leafnode: ALL: DENY

    or

    2:
    leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW
    leafnode: ALL: DENY

    --
    David
    The Usenet Improvement Project: http://blinkynet.net/comp/uip5.html

    Hegel was right when he said that we learn from history that man
    can never learn anything from history. -George Bernard Shaw

  4. Re: /etc/hosts.allow syntax help

    * SINNER wrote in alt.os.linux.ubuntu:
    > * NoStop wrote in alt.os.linux.ubuntu:


    > [...]


    >>> leafnode: 127.0.0.1, xxx.xxx.xxx.xxx


    >> try dropping the comma and make the line look like this ...


    >> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW


    >> to be safe, if you haven't, end with ...


    >> leafnode: ALL: DENY


    > On the same line or beneath it:


    > 1:
    > leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW leafnode: ALL: DENY


    > or


    > 2:
    > leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW


    Tried the above and left out the below deny. No Joy.

    > leafnode: ALL: DENY


    --
    David
    The Usenet Improvement Project: http://blinkynet.net/comp/uip5.html

    Use only as directed.

  5. Re: /etc/hosts.allow syntax help

    SINNER wrote:

    > * SINNER wrote in alt.os.linux.ubuntu:
    >> * NoStop wrote in alt.os.linux.ubuntu:

    >
    >> [...]

    >
    >>>> leafnode: 127.0.0.1, xxx.xxx.xxx.xxx

    >
    >>> try dropping the comma and make the line look like this ...

    >
    >>> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW

    >
    >>> to be safe, if you haven't, end with ...

    >
    >>> leafnode: ALL: DENY

    >
    >> On the same line or beneath it:

    >
    >> 1:
    >> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW leafnode: ALL: DENY

    >
    >> or

    >
    >> 2:
    >> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW

    >
    > Tried the above and left out the below deny. No Joy.
    >
    >> leafnode: ALL: DENY

    >

    Sorry to ask the obvious, but you don't have a software firewall running by
    any chance?

    Since I don't run leafnode, I don't know whether it requires inetd to use
    the tcpwrapper? If it does, have you restarted that daemon after making
    changes to the hosts.allow file?

    Cheers.

    --

    Proprietary Software: a 20th Century software business model.
    Intelligent and helpful Windoze error messages: http://tinyurl.com/2ks5dz






  6. Re: /etc/hosts.allow syntax help

    NoStop wrote:

    > SINNER wrote:
    >
    >> * SINNER wrote in alt.os.linux.ubuntu:
    >>> * NoStop wrote in alt.os.linux.ubuntu:

    >>
    >>> [...]

    >>
    >>>>> leafnode: 127.0.0.1, xxx.xxx.xxx.xxx

    >>
    >>>> try dropping the comma and make the line look like this ...

    >>
    >>>> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW

    >>
    >>>> to be safe, if you haven't, end with ...

    >>
    >>>> leafnode: ALL: DENY

    >>
    >>> On the same line or beneath it:

    >>
    >>> 1:
    >>> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW leafnode: ALL: DENY

    >>
    >>> or

    >>
    >>> 2:
    >>> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW

    >>
    >> Tried the above and left out the below deny. No Joy.
    >>
    >>> leafnode: ALL: DENY

    >>

    > Sorry to ask the obvious, but you don't have a software firewall running
    > by any chance?
    >
    > Since I don't run leafnode, I don't know whether it requires inetd to use
    > the tcpwrapper? If it does, have you restarted that daemon after making
    > changes to the hosts.allow file?
    >
    > Cheers.
    >

    Dave,

    Also, a little digging showed me that if you're going to use inetd then you
    need to add to the inetd.conf file:

    " Leafnode may be configured to use inetd by adding an entry to
    the /etc/inetd.conf file with the following command:

    echo "nntp stream tcp nowait news /usr/sbin/tcpd /usr/sbin/leafnode" \
    >> /etc/inetd.conf


    Issue a killall -HUP inetd to reread the changed inetd.conf file. "

    Or you can use xinetd instead of inetd. Read more here ...

    http://www.linuxfromscratch.org/blfs.../leafnode.html

    Cheers.

    --

    Proprietary Software: a 20th Century software business model.
    Intelligent and helpful Windoze error messages: http://tinyurl.com/2ks5dz






  7. Re: /etc/hosts.allow syntax help

    * NoStop wrote in alt.os.linux.ubuntu:
    > SINNER wrote:


    >> * SINNER wrote in alt.os.linux.ubuntu:
    >>> * NoStop wrote in alt.os.linux.ubuntu:


    >>> [...]


    >>>>> leafnode: 127.0.0.1, xxx.xxx.xxx.xxx


    >>>> try dropping the comma and make the line look like this ...


    >>>> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW


    >>>> to be safe, if you haven't, end with ...


    >>>> leafnode: ALL: DENY


    >>> On the same line or beneath it:


    >>> 1:
    >>> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW leafnode: ALL: DENY


    >>> or


    >>> 2:
    >>> leafnode: 127.0.0.1 xxx.xxx.xxx.xxx: ALLOW


    >> Tried the above and left out the below deny. No Joy.


    >>> leafnode: ALL: DENY


    > Sorry to ask the obvious, but you don't have a software firewall running by
    > any chance?


    Nope.

    > Since I don't run leafnode, I don't know whether it requires inetd to use
    > the tcpwrapper? If it does, have you restarted that daemon after making
    > changes to the hosts.allow file?


    I believe inetd is configured properly as a change to hosts.allow to:

    leafnode: ALL

    resolves the issue, no restart required, the change is immediate.

    --
    David
    The Usenet Improvement Project: http://blinkynet.net/comp/uip5.html

    Immortality -- a fate worse than death.
    -- Edgar A. Shoaff

  8. Re: /etc/hosts.allow syntax help

    * NoStop wrote in alt.os.linux.ubuntu:

    [...]

    > Dave,


    > Also, a little digging showed me that if you're going to use inetd then you
    > need to add to the inetd.conf file:


    > " Leafnode may be configured to use inetd by adding an entry to
    > the /etc/inetd.conf file with the following command:


    > echo "nntp stream tcp nowait news /usr/sbin/tcpd /usr/sbin/leafnode" \
    >>> /etc/inetd.conf


    Yeah, been using leafnode for a long time so:

    [09:54 PM][J:0][sinner@~]$ cat /etc/inetd.conf | grep nntp
    nntp stream tcp nowait news /usr/sbin/tcpd /usr/local/sbin/leafnode

    Under Mandr* I used xinetd but Ubuntu didn't have any services installed
    so I went by the doc and used inetd instead.

    --
    David
    The Usenet Improvement Project: http://blinkynet.net/comp/uip5.html

    What I tell you three times is true.
    -- Lewis Carroll

  9. Re: /etc/hosts.allow syntax help

    SINNER wrote:

    > * NoStop wrote in alt.os.linux.ubuntu:
    >
    > [...]
    >
    >> Dave,

    >
    >> Also, a little digging showed me that if you're going to use inetd then
    >> you need to add to the inetd.conf file:

    >
    >> " Leafnode may be configured to use inetd by adding an entry to
    >> the /etc/inetd.conf file with the following command:

    >
    >> echo "nntp stream tcp nowait news /usr/sbin/tcpd /usr/sbin/leafnode" \
    >>>> /etc/inetd.conf

    >
    > Yeah, been using leafnode for a long time so:
    >
    > [09:54 PM][J:0][sinner@~]$ cat /etc/inetd.conf | grep nntp
    > nntp stream tcp nowait news /usr/sbin/tcpd
    > /usr/local/sbin/leafnode
    >
    > Under Mandr* I used xinetd but Ubuntu didn't have any services installed
    > so I went by the doc and used inetd instead.
    >

    From everything you've said, the damn thing should work. Did you say you
    were running in a VM? Maybe there's something there that needs tweaking?
    Possibly the VM after it gets passed through its host is reporting a
    different IP address?

    Cheers.

    --

    Proprietary Software: a 20th Century software business model.
    Intelligent and helpful Windoze error messages: http://tinyurl.com/2ks5dz






  10. Re: /etc/hosts.allow syntax help

    * NoStop wrote in alt.os.linux.ubuntu:
    > SINNER wrote:


    >> * NoStop wrote in alt.os.linux.ubuntu:


    >> [...]


    >>> Dave,


    >>> Also, a little digging showed me that if you're going to use inetd then
    >>> you need to add to the inetd.conf file:


    >>> " Leafnode may be configured to use inetd by adding an entry to
    >>> the /etc/inetd.conf file with the following command:


    >>> echo "nntp stream tcp nowait news /usr/sbin/tcpd /usr/sbin/leafnode" \
    >>>>> /etc/inetd.conf


    >> Yeah, been using leafnode for a long time so:


    >> [09:54 PM][J:0][sinner@~]$ cat /etc/inetd.conf | grep nntp
    >> nntp stream tcp nowait news /usr/sbin/tcpd
    >> /usr/local/sbin/leafnode


    >> Under Mandr* I used xinetd but Ubuntu didn't have any services installed
    >> so I went by the doc and used inetd instead.


    > From everything you've said, the damn thing should work.


    Funny, that's what I was thinking

    > Did you say you
    > were running in a VM?


    I have a Debian testing VM running on top of Ubuntu 6.06 LTS.

    > Maybe there's something there that needs tweaking?
    > Possibly the VM after it gets passed through its host is reporting a
    > different IP address?


    I will do some more searching, thanks NoStop!

    --
    David
    The Usenet Improvement Project: http://blinkynet.net/comp/uip5.html

    I have gained this by philosophy:
    that I do without being commanded what others do only from fear of the law.
    -- Aristotle

  11. Re: /etc/hosts.allow syntax help

    On Tue, 04 Sep 2007 00:10:05 GMT, SINNER wrote:
    > I have leafnode running on my Ubuntu 6.06 LTS box and I have several
    > Virtual Machines that I boot up to play with occasionally.
    >
    > Per the initial setup for leafnode, in /etc/hosts.allow I have:
    >
    > leafnode: 127.0.0.1
    >
    > If I change the above to
    >
    > leafnode: ALL
    >
    > The VM can attach to the leafnode server via telnet. I have tried:
    >
    > leafnode: 127.0.0.1, xxx.xxx.xxx.xxx
    >
    > and
    >
    > leafnode: 127.0.0.1
    > leafnode: xxx.xxx.xxx.xxx
    >
    > where the xxx is another local IP address on the network, and neither of
    > the above allow the other machine to connect.
    >
    > The man pages were a little too cryptic apparently to give me the clue I
    > needed so any hints would be appreciated.


    For your hosts.allow, you might consider something like these examples.

    portmap: LOCAL, .home.invalid, 192.168.2.30
    ALL: LOCAL, .home.invalid

    # End of hosts.allow.

    LOCAL replaces your 127.0.0.1, and .home.invalid means everyone in the
    .home.invalid domain.

    ------------------

    I find that this /etc/hosts.deny helps. It mails root a message on
    denied attempts. Example, when I tried to enable ftpd in .allowed,
    I received an email indicating in.ftpd was denied. So I changed ftpd:
    to in.ftpd: and all was better.

    $ cat /etc/hosts.deny

    ALL: ALL:\
    spawn ( \
    /bin/echo -e "\n\
    TCP Wrappers\: Connection Refused\n\
    By\: $(uname -n)\n\
    Process\: %d (pid %p)\n\
    \n\
    User\: %u\n\
    Host\: %c\n\
    Date\: $(date)\n\
    " | /bin/mail -s \"$(uname -n)\" root ) & : DENY

    #*********************** end host.deny ********************************
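
The matching rules discussed in this thread, worked through as an added Python example (not part of any post and not the tcp_wrappers code): it models the hosts_access(5) order, hosts.allow first, then hosts.deny, otherwise grant, with the first matching rule winning and an optional trailing ALLOW/DENY option. The address 192.168.1.102 is a constructed stand-in for xxx.xxx.xxx.xxx; EXCEPT, netgroups and daemon@host patterns are not modelled.

```python
import ipaddress
import re

def _items(field):
    # List elements may be separated by blanks and/or commas.
    return [t for t in re.split(r"[\s,]+", field) if t]

def parse_rules(text):
    """Return [(daemons, clients, verdict_or_None, rule_text)] for one file."""
    rules = []
    for line in text.replace("\\\n", "").splitlines():  # join continued lines
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Fields are separated by ':'; a literal colon is written '\:'.
        fields = [f.strip() for f in re.split(r"(?<!\\):", line)]
        if len(fields) < 2:
            raise ValueError(f"no client list in rule: {line!r}")
        # A trailing ALLOW or DENY option overrides the file's default verdict.
        last = fields[-1].upper() if len(fields) > 2 else ""
        verdict = last if last in ("ALLOW", "DENY") else None
        rules.append((_items(fields[0]), _items(fields[1]), verdict, line))
    return rules

def client_matches(pattern, addr, host):
    p, host = pattern.lower(), (host or "").lower()
    if p == "all":
        return True
    if p == "local":                 # any known host name without a dot
        return bool(host) and "." not in host
    if p.startswith("."):            # domain suffix, e.g. .home.invalid
        return host.endswith(p)
    if p.endswith("."):              # address prefix, e.g. 192.168.1.
        return addr.startswith(p)
    if "/" in p and not p.startswith("/"):   # net/mask: n.n.n.n/m.m.m.m
        return ipaddress.ip_address(addr) in ipaddress.ip_network(p, strict=False)
    return p in (addr, host)         # exact address or host name

def check(allow_text, deny_text, daemon, addr, host=None):
    """Return (verdict, rule_text); rule_text is None when nothing matched."""
    for text, default in ((allow_text, "ALLOW"), (deny_text, "DENY")):
        for daemons, clients, verdict, line in parse_rules(text):
            named = any(d.lower() in ("all", daemon.lower()) for d in daemons)
            if named and any(client_matches(c, addr, host) for c in clients):
                return verdict or default, line
    return "ALLOW", None             # no match in either file: access granted

# Constructed sample files. 192.168.1.102 stands in for xxx.xxx.xxx.xxx.
ALLOW_COMMA = "leafnode: 127.0.0.1, 192.168.1.102\n"
ALLOW_OPTS = "leafnode: 127.0.0.1 192.168.1.102: ALLOW\nleafnode: ALL: DENY\n"
ALLOW_LAN = "leafnode: 127.0.0.1 192.168.1.\n"
ALLOW_FTPD = "ftpd: 192.168.1.\n"    # rule name differs from process in.ftpd
DENY_ALL = "ALL: ALL\n"

if __name__ == "__main__":
    cases = [
        (ALLOW_COMMA, DENY_ALL, "leafnode", "192.168.1.102"),
        (ALLOW_OPTS, "", "leafnode", "192.168.1.50"),
        (ALLOW_COMMA, "", "leafnode", "192.168.1.50"),
        (ALLOW_LAN, DENY_ALL, "leafnode", "192.168.1.77"),
        (ALLOW_FTPD, DENY_ALL, "in.ftpd", "192.168.1.77"),
    ]
    for allow, deny, daemon, addr in cases:
        print(daemon, addr, check(allow, deny, daemon, addr))
```

The third case shows why an empty hosts.deny matters: a client that no hosts.allow rule matches is still granted access unless hosts.deny catches it.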


  12. Re: /etc/hosts.allow syntax help

    On Tue, 04 Sep 2007 03:00:05 GMT SINNER
    <99nesorjd@gates_of_hell.invalid> wrote:

    > I believe inetd is configured properly as a change to hosts.allow to:


    > leafnode: ALL


    > resolves the issue, no restart required, the change is immediate.


    Is there any chance that it wants your LAN IP rather than 127.0.0.1?

    --
    Little Girl

    There is no spoon.

  13. Re: /etc/hosts.allow syntax help

    * Bit Twister wrote in alt.os.linux.ubuntu:
    > On Tue, 04 Sep 2007 00:10:05 GMT, SINNER wrote:
    >> I have leafnode running on my Ubuntu 6.06 LTS box and I have several
    >> Virtual Machines that I boot up to play with occasionally.


    >> Per the initial setup for leafnode, in /etc/hosts.allow I have:


    >> leafnode: 127.0.0.1


    >> If I change the above to


    >> leafnode: ALL


    >> The VM can attach to the leafnode server via telnet. I have tried:


    >> leafnode: 127.0.0.1, xxx.xxx.xxx.xxx


    >> and


    >> leafnode: 127.0.0.1
    >> leafnode: xxx.xxx.xxx.xxx


    >> where the xxx is another local IP address on the network, and neither of
    >> the above allow the other machine to connect.


    >> The man pages were a little too cryptic apparently to give me the clue I
    >> needed so any hints would be appreciated.


    > For your hosts.allow, you might consider something like these examples.


    > portmap: LOCAL, .home.invalid, 192.168.2.30
    > ALL: LOCAL, .home.invalid


    > # End of hosts.allow.


    What does 'portmap:' signify?

    > LOCAL replaces your 127.0.0.1, and .home.invalid means everyone in the
    > .home.invalid domain.


    > ------------------


    > I find that this /etc/hosts.deny helps. It mails root a message on
    > denied attempts. Example, when I tried to enable ftpd in .allowed,
    > I received an email indicating in.ftpd was denied. So I changed ftpd:
    > to in.ftpd: and all was better.


    > $ cat /etc/hosts.deny


    > ALL: ALL:\
    > spawn ( \
    > /bin/echo -e "\n\
    > TCP Wrappers\: Connection Refused\n\
    > By\: $(uname -n)\n\
    > Process\: %d (pid %p)\n\
    > \n\
    > User\: %u\n\
    > Host\: %c\n\
    > Date\: $(date)\n\
    > " | /bin/mail -s \"$(uname -n)\" root ) & : DENY


    > #*********************** end host.deny ********************************



    Whoa! a 'Bit' beyond my meager needs OR understanding, but thanks BT.
    --
    David
    The Usenet Improvement Project: http://blinkynet.net/comp/uip5.html

    It was a brave man that ate the first oyster.

  14. Re: /etc/hosts.allow syntax help

    * Little Girl wrote in alt.os.linux.ubuntu:
    > On Tue, 04 Sep 2007 03:00:05 GMT SINNER
    > <99nesorjd@gates_of_hell.invalid> wrote:


    >> I believe inetd is configured properly as a change to hosts.allow to:


    >> leafnode: ALL


    >> resolves the issue, no restart required, the change is immediate.


    > Is there any chance that it wants your LAN IP rather than 127.0.0.1?


    Either is fine and both of those work, my issue is getting a NON local
    machine to attach. I only want to let machines on my internal network to
    be able to connect.

    --
    David
    The Usenet Improvement Project: http://blinkynet.net/comp/uip5.html

    Fortune finishes the great quotations, #6

    "But, soft! What light through yonder window breaks?"
    It's nothing, honey. Go back to sleep.

  15. Re: /etc/hosts.allow syntax help

    On Wed, 05 Sep 2007 01:20:03 GMT, SINNER wrote:

    >> portmap: LOCAL, .home.invalid, 192.168.2.30
    >> ALL: LOCAL, .home.invalid

    >
    >> # End of hosts.allow.

    >
    > What does 'portmap:' signify?


    Thought you read the man page on hosts.allow.

    portmap is the daemon/service which is allowed on the LOCAL machine, or
    any machine in the .home.invalid domain or host 192.168.2.30



    >
    >> $ cat /etc/hosts.deny

    >
    >> ALL: ALL:\
    >> spawn ( \
    >> /bin/echo -e "\n\
    >> TCP Wrappers\: Connection Refused\n\
    >> By\: $(uname -n)\n\
    >> Process\: %d (pid %p)\n\
    >> \n\
    >> User\: %u\n\
    >> Host\: %c\n\
    >> Date\: $(date)\n\
    >> " | /bin/mail -s \"$(uname -n)\" root ) & : DENY

    >
    >> #*********************** end host.deny ********************************

    >
    >
    > Whoa! a 'Bit' beyond my meager needs OR understanding, but thanks BT.


    All it does is mail root an email with the indicated fields with the
    actual data and deny the service access.
    Example email message from the hosts.deny script.

    from root@wb.home.invalid

    TCP Wrappers: Connection Refused
    By: wb.home.invalid
    Process: ipop3d (pid 7787) <===== see, ipop3d daemon/service was
    refused by hosts.deny
    User: unknown
    Host: 192.168.1.30
    Date: Tue Sep 4 20:32:40 CDT 2007


  16. Re: /etc/hosts.allow syntax help

    On Wed, 05 Sep 2007 01:20:05 GMT SINNER
    <99nesorjd@gates_of_hell.invalid> wrote:

    > * Little Girl wrote in alt.os.linux.ubuntu:
    > > On Tue, 04 Sep 2007 03:00:05 GMT SINNER
    > > <99nesorjd@gates_of_hell.invalid> wrote:


    > >> I believe inetd is configured properly as a change to hosts.allow
    > >> to:


    > >> leafnode: ALL


    > >> resolves the issue, no restart required, the change is immediate.


    > > Is there any chance that it wants your LAN IP rather than 127.0.0.1?


    > Either is fine and both of those work, my issue is getting a NON local
    > machine to attach. I only want to let machines on my internal network
    > to be able to connect.


    I'm completely baffled why leafnode: ALL will work when putting in the
    IP won't. This one's a puzzle. I'm not sure if it will help, but this
    is how my files look for use with NFS on our internal network. I added
    the comments so the numbers will make sense:

    little@MOMS-COMPUTER:~$ cat /etc/hosts.allow
    # myIP myson'sIP
    portmap: 192.168.1.101 192.168.1.102
    lockd: 192.168.1.101 192.168.1.102
    rquotad: 192.168.1.101 192.168.1.102
    mountd: 192.168.1.101 192.168.1.102
    statd: 192.168.1.101 192.168.1.102
    nfsd: 192.168.1.101 192.168.1.102

    little@MOMS-COMPUTER:~$ cat /etc/hosts.deny
    portmap mountd nfsd statd lockd rquotad: ALL
    little@MOMS-COMPUTER:~$

    little@MOMS-COMPUTER:~$ cat /etc/exports
    # mypath myson'sIP(rw,no_root_squash,async)
    /home/little 192.168.1.102(rw,no_root_squash,async)

    little@MOMS-COMPUTER:~$ cat /etc/network/interfaces
    auto lo
    iface lo inet loopback
    address 127.0.0.1
    netmask 255.0.0.0

    auto eth0
    iface eth0 inet static
    address 192.168.1.101
    netmask 255.255.255.0
    gateway 192.168.1.1

    --
    Little Girl

    There is no spoon.

  17. Re: /etc/hosts.allow syntax help

    On Fri, 7 Sep 2007 22:31:08 -0400, Little Girl wrote:
    >
    > I'm completely baffled why leafnode: ALL will work when putting in the
    > IP won't. This one's a puzzle. I'm not sure if it will help, but this
    > is how my files look for use with NFS on our internal network. I added
    > the comments so the numbers will make sense:
    >
    > little@MOMS-COMPUTER:~$ cat /etc/hosts.allow
    > # myIP myson'sIP
    > portmap: 192.168.1.101 192.168.1.102
    > lockd: 192.168.1.101 192.168.1.102
    > rquotad: 192.168.1.101 192.168.1.102
    > mountd: 192.168.1.101 192.168.1.102
    > statd: 192.168.1.101 192.168.1.102
    > nfsd: 192.168.1.101 192.168.1.102
    >
    > little@MOMS-COMPUTER:~$ cat /etc/hosts.deny
    > portmap mountd nfsd statd lockd rquotad: ALL
    > little@MOMS-COMPUTER:~$


    If you are trying to secure your systems, my recommendation is to put
    ALL: All in /etc/hosts.deny.

    Why, you ask? Do a /man hosts.deny/ and read the ACCESS CONTROL FILES
    section.

    I find it helps to have hosts.deny set with this script.
    ALL: ALL:\
    spawn ( \
    /bin/echo -e "\n\
    TCP Wrappers\: Connection Refused\n\
    By\: $(uname -n)\n\
    Process\: %d (pid %p)\n\
    \n\
    User\: %u\n\
    Host\: %c\n\
    Date\: $(date)\n\
    " | /bin/mail -s \"$(uname -n)\" root ) & : DENY

    #*********************** end host.deny ********************************

    That way, when hosts.allow does not allow a daemon/service access,
    hosts.deny will block and mail root information about what was blocked.
    Helps when debugging hosts.allow and gives you a heads up when
    something is caught trying to run.

    Here is a resulting mail message;
    TCP Wrappers: Connection Refused
    By: wb.home.invalid
    Process: ipop3d (pid 14491)

    User: unknown
    Host: 192.168.1.30
    Date: Sat Sep 8 04:40:04 CDT 2007

    because I commented out the ALL: line in my hosts.allow to generate a deny.

    Snippet from my normal host.allow:

    ALL: LOCAL, .home.invalid

    #*********************** end host.allow ********************************

    Looking in /var/log/messages we find
    Sep 8 04:40:04 wb xinetd[14491]: libwrap refused connection to
    pop3 (libwrap=ipop3d) from 192.168.1.30
    I have no idea if (k)ubuntu creates a messages entry.
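
A way to turn the refusal lines quoted in the post above into a debugging summary, as an added Python example (not from any poster): it groups refusals by the libwrap= daemon name and source address and separates sources inside a trusted network from the rest. The trusted network 192.168.1.0/24 and every log entry after the first are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Shape of the xinetd refusal line quoted in the post above.
REFUSED = re.compile(
    r"xinetd\[\d+\]: libwrap refused connection to (?P<service>\S+) "
    r"\(libwrap=(?P<daemon>[^)]+)\) from (?P<src>\S+)"
)

# Constructed sample: the first entry is the line from the post, the rest are made up.
SAMPLE_LOG = """\
Sep 8 04:40:04 wb xinetd[14491]: libwrap refused connection to pop3 (libwrap=ipop3d) from 192.168.1.30
Sep 8 04:41:10 wb xinetd[14502]: libwrap refused connection to pop3 (libwrap=ipop3d) from 192.168.1.30
Sep 8 05:02:33 wb xinetd[14617]: libwrap refused connection to ftp (libwrap=in.ftpd) from 203.0.113.9
Sep 8 05:02:40 wb cron[14620]: unrelated entry that must be ignored
"""

def summarize(log_text, trusted_net):
    """Count refusals per (daemon, source), split by trusted network membership."""
    net = ipaddress.ip_network(trusted_net)
    internal, external = Counter(), Counter()
    for line in log_text.splitlines():
        m = REFUSED.search(line)
        if m is None:
            continue
        try:
            inside = ipaddress.ip_address(m["src"]) in net
        except ValueError:           # source logged as a host name, not an address
            inside = False
        (internal if inside else external)[(m["daemon"], m["src"])] += 1
    return internal, external

def report(log_text, trusted_net):
    """Return one human-readable line per (daemon, source) pair."""
    internal, external = summarize(log_text, trusted_net)
    lines = []
    for (daemon, src), n in sorted(internal.items()):
        # A refusal from inside the trusted network usually means hosts.allow
        # has no rule for this daemon name (the ftpd vs in.ftpd case above).
        lines.append(f"{n}x {daemon} from {src}: inside {trusted_net}, "
                     f"check hosts.allow for a '{daemon}:' rule")
    for (daemon, src), n in sorted(external.items()):
        lines.append(f"{n}x {daemon} from {src}: outside {trusted_net}")
    return lines

if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG, "192.168.1.0/24")))
```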

  18. Re: /etc/hosts.allow syntax help

    On Sat, 08 Sep 2007 09:56:40 GMT Bit Twister
    wrote:

    > On Fri, 7 Sep 2007 22:31:08 -0400, Little Girl wrote:


    > > little@MOMS-COMPUTER:~$ cat /etc/hosts.deny
    > > portmap mountd nfsd statd lockd rquotad: ALL
    > > little@MOMS-COMPUTER:~$


    > If you are trying to secure your systems, my recommendation is to put
    > ALL: All in /etc/hosts.deny.


    > Why, you ask? Do a /man hosts.deny/ and read the ACCESS CONTROL FILES
    > section.


    Thanks. It looks like I need to edit my Idiots' Guide To NFS page with
    this info (although I might leave the script out for the page). (:

    > I find it helps to have hosts.deny set with this script.
    > ALL: ALL:\
    > spawn ( \
    > /bin/echo -e "\n\
    > TCP Wrappers\: Connection Refused\n\
    > By\: $(uname -n)\n\
    > Process\: %d (pid %p)\n\
    > \n\
    > User\: %u\n\
    > Host\: %c\n\
    > Date\: $(date)\n\
    > " | /bin/mail -s \"$(uname -n)\" root ) & : DENY


    Snagged! Very nice. (:



    > Looking in /var/log/messages we find
    > Sep 8 04:40:04 wb xinetd[14491]: libwrap refused connection to
    > pop3 (libwrap=ipop3d) from 192.168.1.30
    > I have no idea if (k)ubuntu creates a messages entry.


    I'll let you know if I get any. I don't see why it wouldn't, though.

    --
    Little Girl

    There is no spoon.
