Gentoo Archives: gentoo-security

From: James Stull <rivitir@×××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] TCP Wrapper Documentation
Date: Tue, 13 Jan 2009 00:32:50
Message-Id: c1dd97640901121632r6cb6be78k5a8dcf9c966fe3ca@mail.gmail.com
In Reply to: Re: [gentoo-security] TCP Wrapper Documentation by brant williams
Thank you for all the suggestions, they have been very helpful and I now
have my tcp wrappers up and running.

Just out of curiosity, why doesn't the ebuild install /etc/hosts.allow/deny
with some basic configuration examples or at least empty files?



On Mon, Jan 12, 2009 at 12:50 PM, brant williams <brant@×××××.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > > Hi there... > > You can also install the "DenyHosts" package, which will parse your syslog > for failed ssh entries, and then update/maintain /etc/hosts.{allow,deny}. > > http://denyhosts.sourceforge.net/ > > You can run it as a daemon, or from within cron. > > hth > - -brant > > brant williams > FCAA CDCA 20BC 3925 D634 F5C4 7420 6784 4DEB 6002 > > > > On Sat, 10 Jan 2009, Chris O'Regan wrote: > > Date: Sat, 10 Jan 2009 00:51:47 -0500 >> From: Chris O'Regan <chris.oregan@×××××.com> >> Reply-To: gentoo-security@l.g.o >> To: gentoo-security@l.g.o >> Subject: Re: [gentoo-security] TCP Wrapper Documentation >> >> >> Search for "tcp wrappers howto" on Google. Yes, this must be >> maintained manually. I recommend to do away with /etc/host.deny and >> have "ALL :ALL@ALL :deny" as the last line of /etc/hosts.allow. >> >> On Fri, Jan 9, 2009 at 11:51 PM, James Stull <rivitir@×××××.com> wrote: >> >>> I have a gentoo desktop profile system and I would like to use tcp >>> wrappers >>> to secure certain services like ssh. I followed the documentation I could >>> find from the security guide to install the ebuild but I don't have the >>> /etc/hosts.allow or hosts.deny. Do I have to manually create these? Is >>> their >>> any other documentation available that I can use to help me install and >>> configure it properly? >>> >>> Thanks for your help. >>> >>> >> >> -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.9 (GNU/Linux) > > iEYEAREIAAYFAklrgtkACgkQdCBnhE3rYAIsLQCgpLxynaOGVdxWlKh7YeOdpIC5 > oggAnRFgIwBudFTonqx2/ABUSdzDWNLx > =N70i > -----END PGP SIGNATURE----- > >

Replies

Subject Author
Re: [gentoo-security] TCP Wrapper Documentation Matt Drew <matt.drew@×××××.com>