Mailing List Archive
Support open source code!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: tlug: wildcards in /etc/hosts.deny
- To: tlug@example.com
- Subject: Re: tlug: wildcards in /etc/hosts.deny
- From: "Stephen J. Turnbull" <turnbull@example.com>
- Date: Fri, 23 Oct 1998 20:47:32 +0900 (JST)
- Content-Transfer-Encoding: 7bit
- Content-Type: text/plain; charset=us-ascii
- In-Reply-To: <19981023175914.C4051@example.com>
- References: <3630459F.5531D4B4@example.com><19981023175914.C4051@example.com>
- Reply-To: tlug@example.com
- Sender: owner-tlug@example.com
>>>>> "Jim" == Jim Tittsler <jwt-tlug@example.com> writes:
Jim> On Fri, Oct 23, 1998 at 06:00:15PM +0900, Jim Schweizer
Jim> wrote:
>> Did you know there's nothing apropos for hosts.deny? No man
>> page, nothing in Running Linux, Practical UNIX & Internet
>> Security, UNIX System Administration Handbook or the Linux
>> Network Administrator's Guide!
Jim> I agree it is well hidden. 'man 5 hosts_access' (And no, I
Jim> can never remember that either. I do 'man tcpd' and then
Jim> check the "see also" :-)
(cd /usr/man/man5; \
ln -s hosts_access hosts.deny; \
ln -s hosts_access hosts.allow)
Jim> I think for this sort of thing you don't use the *. Try:
Jim> ALL: .goo.ne.jp
Jim> ALL: .melco.co.jp
Jim> which checks for matching ends.
Two things to watch out for (maybe it doesn't matter, we don't think
these are crackers, just jerks, right?):
(1) the syntax for resolver is arcane. It is possible to get yourself
spoofed in some cases if you have a domain search path in
/etc/hosts.conf. I don't know if tcp-wrappers checks for it, but
it may be useful to terminate those with periods:
ALL: .goo.ne.jp.
ALL: .melco.co.jp.
I have no idea how to test this, and I bet the docs are extremely
unclear, so somebody might have to read the source to figure it
out. (Don't ask me which source, either.)
(2) Look at inetd.conf and check for services which _don't_ use
tcp-wrappers (no tcpd); look in /etc/init.d for services that get
started but don't used inetd.
--
University of Tsukuba Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences Tel/fax: +1 (298) 53-5091
__________________________________________________________________________
__________________________________________________________________________
What are those two straight lines for? "Free software rules."
---------------------------------------------------------------
Next Nomikai: 20 November, 19:30 Tengu TokyoEkiMae 03-3275-3691
Next Meeting: 12 December, 12:30 Tokyo Station Yaesu central gate
---------------------------------------------------------------
Sponsor: PHT, makers of TurboLinux http://www.pht.co.jp
- Follow-Ups:
- Re: tlug: wildcards in /etc/hosts.deny
- From: Scott Stone <sstone@example.com>
- Re: tlug: wildcards in /etc/hosts.deny
- References:
- tlug: wildcards in /etc/hosts.deny
- From: Jim Schweizer <schweiz_nospam@example.com>
- Re: tlug: wildcards in /etc/hosts.deny
- From: Jim Tittsler <jwt-tlug@example.com>
- tlug: wildcards in /etc/hosts.deny
- Prev by Date: tlug: Pgnus and IMAP
- Next by Date: Re: tlug: wildcards in /etc/hosts.deny
- Prev by thread: Re: tlug: wildcards in /etc/hosts.deny
- Next by thread: Re: tlug: wildcards in /etc/hosts.deny
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |