| 1 |
Thank you for all the suggestions, they have been very helpful and I now |
| 2 |
have my tcp wrappers up and running. |
| 3 |
|
| 4 |
Just out of curiosity, why doesn't the ebuild install /etc/hosts.allow/deny |
| 5 |
with some basic configuration examples or at least empty files? |
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
On Mon, Jan 12, 2009 at 12:50 PM, brant williams <brant@×××××.net> wrote: |
| 10 |
|
| 11 |
> -----BEGIN PGP SIGNED MESSAGE----- |
| 12 |
> Hash: SHA256 |
| 13 |
> |
| 14 |
> |
| 15 |
> Hi there... |
| 16 |
> |
| 17 |
> You can also install the "DenyHosts" package, which will parse your syslog |
| 18 |
> for failed ssh entries, and then update/maintain /etc/hosts.{allow,deny}. |
| 19 |
> |
| 20 |
> http://denyhosts.sourceforge.net/ |
| 21 |
> |
| 22 |
> You can run it as a daemon, or from within cron. |
| 23 |
> |
| 24 |
> hth |
| 25 |
> - -brant |
| 26 |
> |
| 27 |
> brant williams |
| 28 |
> FCAA CDCA 20BC 3925 D634 F5C4 7420 6784 4DEB 6002 |
| 29 |
> |
| 30 |
> |
| 31 |
> |
| 32 |
> On Sat, 10 Jan 2009, Chris O'Regan wrote: |
| 33 |
> |
| 34 |
> Date: Sat, 10 Jan 2009 00:51:47 -0500 |
| 35 |
>> From: Chris O'Regan <chris.oregan@×××××.com> |
| 36 |
>> Reply-To: gentoo-security@l.g.o |
| 37 |
>> To: gentoo-security@l.g.o |
| 38 |
>> Subject: Re: [gentoo-security] TCP Wrapper Documentation |
| 39 |
>> |
| 40 |
>> |
| 41 |
>> Search for "tcp wrappers howto" on Google. Yes, this must be |
| 42 |
>> maintained manually. I recommend to do away with /etc/host.deny and |
| 43 |
>> have "ALL :ALL@ALL :deny" as the last line of /etc/hosts.allow. |
| 44 |
>> |
| 45 |
>> On Fri, Jan 9, 2009 at 11:51 PM, James Stull <rivitir@×××××.com> wrote: |
| 46 |
>> |
| 47 |
>>> I have a gentoo desktop profile system and I would like to use tcp |
| 48 |
>>> wrappers |
| 49 |
>>> to secure certain services like ssh. I followed the documentation I could |
| 50 |
>>> find from the security guide to install the ebuild but I don't have the |
| 51 |
>>> /etc/hosts.allow or hosts.deny. Do I have to manually create these? Is |
| 52 |
>>> their |
| 53 |
>>> any other documentation available that I can use to help me install and |
| 54 |
>>> configure it properly? |
| 55 |
>>> |
| 56 |
>>> Thanks for your help. |
| 57 |
>>> |
| 58 |
>>> |
| 59 |
>> |
| 60 |
>> -----BEGIN PGP SIGNATURE----- |
| 61 |
> Version: GnuPG v2.0.9 (GNU/Linux) |
| 62 |
> |
| 63 |
> iEYEAREIAAYFAklrgtkACgkQdCBnhE3rYAIsLQCgpLxynaOGVdxWlKh7YeOdpIC5 |
| 64 |
> oggAnRFgIwBudFTonqx2/ABUSdzDWNLx |
| 65 |
> =N70i |
| 66 |
> -----END PGP SIGNATURE----- |
| 67 |
> |
| 68 |
> |
Archives