Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

/etc/hosts.deny

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers /etc/hosts.deny
# 1  
Old 07-01-2015
/etc/hosts.deny
Hi there,

For /etc/hosts.deny was it used to deny access from the internet?
# 2  
Old 07-01-2015
Quote:
Originally Posted by alvinoo
Hi there,

For /etc/hosts.deny was it used to deny access from the internet?
I am not sure what you mean: "/etc/hosts.deny" is part of the TCP wrapper software, which exists for many operating systems. It allows (together with "/etc/hosts.allow") to control and restrict access from certain hosts, not necessarily deny it. For instance one could allow for a certain host to access the local host via ftp but deny access via telnet.

Note that only protocols with an initial handshake can be controlled (which is true for TCP but not for UDP for instance).

I hope this helps.

bakunin
# 3  
Old 07-02-2015
Hello Alvinoo,

Just want to add a little more here. To restrict access to your Unix or Linux machine, you must modify the /etc/hosts.allow and /etc/host.deny files. These files are used by the tcpd (tcp wrapper) and sshd programs to decide whether or not to accept a connection coming in from another IP address. ITS recommends that to start with, you restrict access to only those network addresses you are certain should be allowed access. The following two example files allow connections from any address in the virginia.edu network domain, but no others.

Following is an example for same.
/etc/hosts.allow
Code:
 #
 # hosts.allow   This file describes the names of 
 #               the hosts that are allowed to use 
 #               the local INET services, as decided
 #               by the '/usr/sbin/tcpd' server.
 #
 # Only allow connections within the virginia.edu 
 # domain.

ALL: .virginia.edu

Code:
 #
 # hosts.deny    This file describes the names of
 #               the hosts that are *not* allowed 
 #               to use the local INET services, as 
 #               decided by the '/usr/sbin/tcpd' 
 #               server.
 #
 # deny all by default, only allowing hosts or 
 # domains listed in hosts.allow.
 
 ALL: ALL

Configuration shown in the above /etc/hosts.allow file, to permit connections to any services protected by the tcpd or sshd from only systems within the virginia.edu domain. Also for more information on same, you can go through the following link too.
hosts.deny(5) - Linux man page

Hope this helps.

Thanks,
R. Singh
Last edited by RavinderSingh13; 07-02-2015 at 03:45 AM..
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

How to copy a tar file on a series of remote hosts and untar it on those hosts?

Am trying to copy a tar file onto a series of remote hosts and untar it at the destination. Need to do this without having to do multiple ssh. Actions to perform within a single ssh session via shell script - copy a file - untar at destination (remote host) OS : Linux RHEL6 (3 Replies)
Discussion started by: sankasu
3 Replies

2. AIX

aix tcp wrappers hosts.allow hosts.deny?

hi all just installed the netsec.options.tcpwrapper from expansion pack, which used to be a rpm, for my aix 6.1 test box. it is so unpredictable. i set up the hosts.deny as suggested for all and allow the sshd for specific ip addresses/hostnames. the tcpdchk says the hosts allowed and... (0 Replies)
Discussion started by: wf201626
0 Replies

3. Red Hat

How to block ssh via /etc/hosts.deny

Hi.., I am using redhat5 server, i want to know the details about to block ssh via /etc/hosts.deny. Need help immediately (1 Reply)
Discussion started by: thakshina
1 Replies

4. UNIX for Dummies Questions & Answers

Hosts.deny entry

Hello I want to block individuals who attempt to use ssh to loggon to one of my machines from a certain IP address. I added the following entry in hosts.deny. Will the entry do what I want to do? ssh: 202.111.128.225 (3 Replies)
Discussion started by: mojoman
3 Replies

5. AIX

allow / deny root logins

Hello everyone I have to limit the root logins on my aix box (aix 5.3) I change the value on the /etc/security/user default (login and rlogin) change to false and add to root (rlogin and login = false) I tried in different ways but I got the same. Root still can login I try algo... (6 Replies)
Discussion started by: lo-lp-kl
6 Replies

6. IP Networking

how to deny someone to use ftp command ?

hi,all, i have a question to trouble you. a workstation named AAA, and open the ftp services to permit user download and upload files. i have root password. a pc install windows 2k named BBB, someone install a serv-u ftp ( a ftp server software ) to transfer data. i don't have the... (4 Replies)
Discussion started by: yarx
4 Replies

7. UNIX for Dummies Questions & Answers

Hosts.allow and hosts.deny

Hello everyone, This is my first posts and I did search for a questions but did not find a question that answered my question unless of course I overlooked it. I'm running Solaris 8. I use ssh for the users but I have a user called "chatterbox" that uses telnet but I need for chatterbox to... (1 Reply)
Discussion started by: huddlestonsnk
1 Replies

8. UNIX for Dummies Questions & Answers

hosts.allow & hosts.deny

Hi! Im trying to use host.allow & host.deny to resrtic access to my sun machine, but it doesnt seem to work... I want to allow full access from certain IPīs (ssh,http,ftp,etc...) but deny all kind of conections from outsideworld, the way that im doing that is: hosts.allow ALL:127.0.0.1... (2 Replies)
Discussion started by: Sorrento
2 Replies

9. UNIX for Dummies Questions & Answers

Telnet deny

Hi all I'm using an AIX 5 machine. I'm trying to telnet from this machine to another Aix machine. When I use the "root" user - Everything works. I can telnet successfully the other machine When I use another user but root - I can't telnet the machine: noah@logist:/home/noah>telnet aixtst... (2 Replies)
Discussion started by: sunbird
2 Replies

10. UNIX for Advanced & Expert Users

hosts.deny "mailing thing"

Hey people i need a little help here if anyone knows who to separate the mailing users and can i have more then one at the end of the command line please tell me :::This is just an example::: /etc/hosts.deny: tftpd: ALL: (/some/where/safe_finger -l @%h | \ ... (2 Replies)
Discussion started by: beo
2 Replies
Login or Register to Ask a Question