Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: "James Stull" <rivitir@...>
Subject: Re: TCP Wrapper Documentation
Date: Mon, 12 Jan 2009 19:32:04 -0500
Thank you for all the suggestions, they have been very helpful and I now have my tcp wrappers up and running.<br><br>Just out of curiosity, why doesn&#39;t the ebuild install /etc/hosts.allow/deny with some basic configuration examples or at least empty files?<br>
<br><br><br><div class="gmail_quote">On Mon, Jan 12, 2009 at 12:50 PM, brant williams <span dir="ltr">&lt;<a href="mailto:brant@...">brant@...</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA256<br>
<br>
<br>
Hi there...<br>
<br>
You can also install the &quot;DenyHosts&quot; package, which will parse your syslog for failed ssh entries, and then update/maintain /etc/hosts.{allow,deny}.<br>
<br>
<a href="http://denyhosts.sourceforge.net/" target="_blank">http://denyhosts.sourceforge.net/</a><br>
<br>
You can run it as a daemon, or from within cron.<br>
<br>
hth<br>
- -brant<br>
<br>
brant williams<br>
FCAA CDCA 20BC 3925 D634 &nbsp;F5C4 7420 6784 4DEB 6002<br>
<br>
<br>
<br>
On Sat, 10 Jan 2009, Chris O&#39;Regan wrote:<br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Date: Sat, 10 Jan 2009 00:51:47 -0500<br>
From: Chris O&#39;Regan &lt;<a href="mailto:chris.oregan@..." target="_blank">chris.oregan@...</a>&gt;<br>
Reply-To: <a href="mailto:gentoo-security@g.o" target="_blank">gentoo-security@g.o</a><br>
To: <a href="mailto:gentoo-security@g.o" target="_blank">gentoo-security@g.o</a><br>
Subject: Re: [gentoo-security] TCP Wrapper Documentation<div><div></div><div class="Wj3C7c"><br>
<br>
Search for &quot;tcp wrappers howto&quot; on Google. Yes, this must be<br>
maintained manually. I recommend to do away with /etc/host.deny and<br>
have &quot;ALL :ALL@ALL :deny&quot; as the last line of /etc/hosts.allow.<br>
<br>
On Fri, Jan 9, 2009 at 11:51 PM, James Stull &lt;<a href="mailto:rivitir@..." target="_blank">rivitir@...</a>&gt; wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I have a gentoo desktop profile system and I would like to use tcp wrappers<br>
to secure certain services like ssh. I followed the documentation I could<br>
find from the security guide to install the ebuild but I don&#39;t have the<br>
/etc/hosts.allow or hosts.deny. Do I have to manually create these? Is their<br>
any other documentation available that I can use to help me install and<br>
configure it properly?<br>
<br>
Thanks for your help.<br>
<br>
</blockquote>
<br>
<br>
</div></div></blockquote>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v2.0.9 (GNU/Linux)<br>
<br>
iEYEAREIAAYFAklrgtkACgkQdCBnhE3rYAIsLQCgpLxynaOGVdxWlKh7YeOdpIC5<br>
oggAnRFgIwBudFTonqx2/ABUSdzDWNLx<br>
=N70i<br>
-----END PGP SIGNATURE-----<br>
<br>
</blockquote></div><br>
Replies:
Re: TCP Wrapper Documentation
-- Matt Drew
References:
TCP Wrapper Documentation
-- James Stull
Re: TCP Wrapper Documentation
-- Chris O'Regan
Re: TCP Wrapper Documentation
-- brant williams
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: TCP Wrapper Documentation
Next by thread:
Re: TCP Wrapper Documentation
Previous by date:
Re: TCP Wrapper Documentation
Next by date:
Re: TCP Wrapper Documentation


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.