[NTLUG:Discuss] Hosts.deny working?

Chris Cox cjcox at acm.org
Fri Apr 10 12:17:03 CDT 2009


On Fri, 2009-04-10 at 11:14 -0500, David Simmons wrote:
> 
> Guys,
> 
> I've been using my /etc/hosts.deny file very thoroughly
> lately to block access from 'the bad guys'.
> 
> I have an entry in /etc/hosts.deny:
> 
> ALL:  217.
> 
> but I keep seeing IP's in the 217.* range in my /etc/log/http/access_log
> file trying to access files on my server.  So I think:
> 
> 1) /etc/hosts.deny  is not working  (I don't have any 217.
> references in hosts.allow that would supersede)

http (apache) doesn't have to honor anything like /etc/hosts.deny,
etc.  Look at mod_access (for example) from apache's web site.

hosts.deny/allow can be used by different services... oftentimes
for tcpwrap'd things under (x)inetd.

But you can't assume that each and every service uses the same
approach... though many might have options/plugins to let
hosts.deny/allow work with them.
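
An added example, not part of the original post: the httpd-level counterpart of the `ALL: 217.` line in hosts.deny, using the access-control directives that mod_access provides. The directory path is an assumption; substitute the server's own DocumentRoot.

```apache
# Added illustration; "/var/www/html" is an assumed DocumentRoot.
# httpd does not read /etc/hosts.deny, so the block has to be
# expressed in Apache's own configuration.

# Apache 1.3/2.0 (mod_access) and 2.2 (mod_authz_host):
<Directory "/var/www/html">
    # Allow rules are evaluated first, then Deny rules;
    # a client matching both is denied.
    Order Allow,Deny
    Allow from all
    # Partial address: matches every client in 217.0.0.0/8
    Deny from 217
</Directory>

# Apache 2.4 (mod_authz_core + mod_authz_host) writes the same rule as:
# <Directory "/var/www/html">
#     <RequireAll>
#         Require all granted
#         Require not ip 217
#     </RequireAll>
# </Directory>
```

Denied requests still appear in access_log, but with a 403 status instead of the content being served.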





