[NTLUG:Discuss] Killing Bad People
Bug Hunter
bughuntr at one.ctelcom.net
Tue Feb 5 20:45:06 CST 2002
the best thing for /etc/hosts.deny is the following:
ALL: ALL
then, in /etc/hosts.allow, add the services you want people to access,
with the networks:
ALL: 192.168.1. <-- allows everyone on the class c network 192.168.1
in.telnetd: 207.101.132.23 <--allows telnet only from this ip
and so on
bug
On 5 Feb 2002, Rev. wRy wrote:
> On Tue, 2002-02-05 at 14:09, Daniel L. Shipman wrote:
> > Actually these are the addresses of people who have port scanned me - tryed
> > to log in - ftp -
>
> If you wanted them to not get access to just ftp try the following in
> hosts.deny:
>
> in.proftpd: .wanadoo.fr
>
> Obviously, if you aren't running proftpd, you'll have to alter to
> reflect whatever ftp daemon you are running.
>
> I did this, and my scans/anon login attempts went down dramatically over
> the course of a week.
>
snip
More information about the Discuss
mailing list