Mailing List Archive


Re: tlug: wildcards in /etc/hosts.deny



>>>>> "Jim" == Jim Tittsler <jwt-tlug@example.com> writes:

    Jim> On Fri, Oct 23, 1998 at 06:00:15PM +0900, Jim Schweizer
    Jim> wrote:
    >> Did you know there's nothing apropos for hosts.deny? No man
    >> page, nothing in Running Linux, Practical UNIX & Internet
    >> Security, UNIX System Administration Handbook or the Linux
    >> Network Administrator's Guide!

    Jim> I agree it is well hidden.  'man 5 hosts_access' (And no, I
    Jim> can never remember that either.  I do 'man tcpd' and then
    Jim> check the "see also" :-)

(cd /usr/man/man5; \
 ln -s hosts_access hosts.deny; \
 ln -s hosts_access hosts.allow)

    Jim> I think for this sort of thing you don't use the *.  Try:
    Jim> ALL: .goo.ne.jp
    Jim> ALL: .melco.co.jp

    Jim> which checks for matching ends.
    
Two things to watch out for (maybe it doesn't matter, we don't think
these are crackers, just jerks, right?):

(1) the syntax for the resolver is arcane.  It is possible to get yourself
    spoofed in some cases if you have a domain search path in
    /etc/hosts.conf.  I don't know if tcp-wrappers checks for it, but
    it may be useful to terminate those with periods:

    ALL: .goo.ne.jp.
    ALL: .melco.co.jp.

    I have no idea how to test this, and I bet the docs are extremely
    unclear, so somebody might have to read the source to figure it
    out.  (Don't ask me which source, either.)

(2) Look at inetd.conf and check for services which _don't_ use
    tcp-wrappers (no tcpd); look in /etc/init.d for services that get
    started but don't use inetd.

-- 
University of Tsukuba                Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences        Tel/fax: +1 (298) 53-5091
__________________________________________________________________________
__________________________________________________________________________
What are those two straight lines for?  "Free software rules."
---------------------------------------------------------------
Next Nomikai: 20 November, 19:30 Tengu TokyoEkiMae 03-3275-3691
Next Meeting: 12 December, 12:30 Tokyo Station Yaesu central gate
---------------------------------------------------------------
Sponsor: PHT, makers of TurboLinux http://www.pht.co.jp
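
The inetd.conf check from point (2) of the message above, as an added example that is not part of the original post: it lists every inetd entry whose server program is not tcpd, which are the services that hosts.allow and hosts.deny do not cover. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: list inetd.conf entries that are NOT started through tcpd.
# inetd.conf fields:
#   service  socket-type  protocol  wait-flag  user  server-path  args...

unwrapped_services() {
    # $1: path to an inetd.conf-style file
    awk '
        $1 ~ /^#/ || NF < 6 { next }     # skip comments, blank and short lines
        {
            n = split($6, parts, "/")     # basename of the server program
            if (parts[n] != "tcpd")       # "internal" built-ins are unwrapped too
                printf "%s/%s %s\n", $1, $3, $6
        }
    ' "$1"
}

# Constructed sample input (not taken from any real host).
sample_inetd_conf() {
    cat <<'EOF'
# <service> <sock_type> <proto> <flags> <user> <server_path> <args>
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd  in.rshd
pop-3   stream  tcp  nowait  root    /usr/sbin/ipop3d ipop3d
echo    stream  tcp  nowait  root    internal
finger  stream  tcp  nowait  nobody  /usr/sbin/in.fingerd in.fingerd
EOF
}

# Run the audit over the constructed sample and print the unwrapped entries.
audit_sample() {
    tmp=$(mktemp) || return 1
    sample_inetd_conf > "$tmp"
    unwrapped_services "$tmp"
    rm -f "$tmp"
}

audit_sample
```

On a real host, call `unwrapped_services /etc/inetd.conf`. Daemons started from /etc/init.d never appear in inetd.conf, so they still need the separate check the message mentions.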

