[NTLUG:Discuss] Hosts.deny working?

terry trryhend at gmail.com
Fri Apr 10 13:08:03 CDT 2009


On Fri, Apr 10, 2009 at 12:17 PM, Chris Cox <cjcox at acm.org> wrote:

> On Fri, 2009-04-10 at 11:14 -0500, David Simmons wrote:
> >
> > Guys,
> >
> > I've been using my /etc/hosts.deny file very thoroughly
> > lately to block access from 'the bad guys'.
> >
> > I have an entry in /etc/hosts.deny:
> >
> > ALL:  217.
> >
> > but I keep seeing IPs in the 217.* range in my
> > /etc/log/http/access_log file trying to access files on my
> > server.  So I think:
> >
> > 1) /etc/hosts.deny is not working (I don't have any 217.
> > references in hosts.allow that would supersede)
>
> http (apache) doesn't have to honor anything like /etc/hosts.deny,
> etc.  Look at mod_access (for example) from apache's web site.
>
> hosts.deny/allow can be used by different services... oftentimes
> for tcpwrap'd things under (x)inetd.
>
> But you can't assume that each and every service uses the same
> approach... though many might have options/plugins to let
> hosts.deny/allow work with them.

Well, you could also use an iptables rule, something like

/sbin/iptables -I INPUT -s 217.0.0.0/8 -j DROP

But having a stand-alone firewall in front of this server would be a
nice tool for this sort of thing.
IPcop or Smoothwall?


-- 
<><
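
Added example, not part of the original message or of any poster's own code: a small POSIX shell script that reads hosts.deny text and prints the packet-filter rule matching each "ALL:" entry, in the same form as the iptables command above. It goes beyond the single "217." case to two- and three-octet prefixes and full addresses; the function names and the sample entries other than "ALL:  217." are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread: print (never apply) iptables DROP rules
# for the "ALL:" entries of a hosts.deny file read on stdin.

# pattern_to_cidr: "217." -> 217.0.0.0/8, "10.1." -> 10.1.0.0/16, and so on.
# Fails for hostnames, wildcards and net/mask pairs; octets are not range-checked.
pattern_to_cidr() {
    case $1 in
        ''|*[!0-9.]*|.*|*..*|*.*.*.*.*) return 1 ;;
        *.) set -- $(echo "$1" | tr . ' ')      # count the octets given
            case $# in
                1) echo "$1.0.0.0/8" ;;
                2) echo "$1.$2.0.0/16" ;;
                3) echo "$1.$2.$3.0/24" ;;
                *) return 1 ;;
            esac ;;
        *.*.*.*) echo "$1/32" ;;
        *) return 1 ;;
    esac
}

# deny_to_rules: one output line per client pattern; body runs in a subshell
deny_to_rules() (
    set -f   # patterns may contain * or ?; never let the shell glob them
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}
        case $line in *:*) ;; *) continue ;; esac
        daemons=$(printf '%s' "${line%%:*}" | tr -d ' \t')
        clients=$(printf '%s' "${line#*:}" | cut -d: -f1 | tr ',' ' ')
        # A port-less DROP hits every service, so only ALL: lines map cleanly
        if [ "$daemons" != ALL ]; then printf '%s\n' "# skipped, not ALL: $line"; continue; fi
        case " $clients " in *" EXCEPT "*) printf '%s\n' "# skipped, EXCEPT: $line"; continue ;; esac
        for c in $clients; do
            if cidr=$(pattern_to_cidr "$c"); then
                printf '%s\n' "/sbin/iptables -I INPUT -s $cidr -j DROP"
            else
                printf '%s\n' "# not converted: $c"
            fi
        done
    done
)

# Constructed sample input (only the first entry is the one quoted in the thread)
sample_hosts_deny() {
    printf '%s\n' 'ALL:  217.' 'ALL: 10.1., .example.net  # constructed' \
        'sshd: 192.0.2.7' 'ALL: 198.51.100. EXCEPT 198.51.100.9'
}

sample_hosts_deny | deny_to_rules
```

Run against a real file with `deny_to_rules < /etc/hosts.deny` and review the output before applying anything: a DROP rule takes effect before any daemon sees the connection, so it also overrides whatever hosts.allow would have permitted.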

