skip at ...1552...
Tue Nov 6 13:29:07 EST 2001
> Using Xinetd set to use hosts.allow and hosts.deny (in particular), I
> have found on RedHat 7.x systems that using these files to regulate SSH
> connections works quite well.
> Adding to hosts.deny:
> ALL: ALL
> Will indeed stop SSH connections as well as everything else that uses
> these wrappers (least for me it does!)
> I add:
> SSHD: Some.IP.Range. or.some.ip.address
> to hosts.allow and I get access once more.
> I may be far off base here - but it indeed works in my case. Give it a
> try. May work for you also. And possibly some kind soul can explain why
> SSH is regulated this way without being added to any conf file ...
With the appropriate entry in inetd.conf or /etc/xinetd.d SSH and
httpd (at least Apache anyway) CAN be tcp_wrappered (regardless of
the Linux distro). BUT, in both of these cases there is a significant
program startup overhead involved, so it's really not a very good idea
for these programs unless these startup delays can be tolerated in
your network environment.
Dr. Everett (Skip) Carter Phone: 831-641-0645 FAX: 831-641-0647
Taygeta Scientific Inc. INTERNET: skip at ...1552...
1340 Munras Ave., Suite 314 WWW: http://www.taygeta.com
Monterey, CA. 93940
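
An added example, not part of the original posts: a simplified Python model of the hosts.allow / hosts.deny lookup order (hosts.allow is checked first, then hosts.deny, and access is granted if neither matches), applied to the entries described in the quoted message. The addresses are documentation-range placeholders, and the matcher is an assumption-level sketch that covers only `ALL`, address prefixes and exact addresses.

```python
import ipaddress

# Constructed sample files; 192.0.2. stands in for "Some.IP.Range."
HOSTS_ALLOW = """
# /etc/hosts.allow
sshd: 192.0.2. 198.51.100.7
"""
HOSTS_DENY = """
# /etc/hosts.deny
ALL: ALL
"""

def parse_rules(text):
    """Parse 'daemon_list : client_list' lines, ignoring comments and options."""
    rules = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split(":")
        if len(fields) < 2:
            continue
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        if daemons and clients:
            rules.append((daemons, clients))
    return rules

def daemon_matches(pattern, daemon):
    # Assumption of this model: names are compared case-insensitively.
    return pattern.upper() == "ALL" or pattern.lower() == daemon.lower()

def client_matches(pattern, ip):
    if pattern.upper() == "ALL":
        return True
    if pattern.endswith("."):      # address prefix such as "192.0.2."
        return ip.startswith(pattern)
    return pattern == ip           # exact address

def rule_hit(rules, daemon, ip):
    return any(any(daemon_matches(d, daemon) for d in ds) and
               any(client_matches(c, ip) for c in cs) for ds, cs in rules)

def access_granted(daemon, ip, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    ipaddress.ip_address(ip)       # raises ValueError on a malformed address
    if rule_hit(parse_rules(allow), daemon, ip):
        return True                # a match in hosts.allow wins
    if rule_hit(parse_rules(deny), daemon, ip):
        return False               # otherwise a match in hosts.deny blocks
    return True                    # no match in either file: allowed
```

Calling `access_granted` with an empty `deny` argument shows why the `ALL: ALL` line matters: without it, a client missing from hosts.allow is still let in.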