Services which contain libwrap module can use hosts.deny to control Access

    ldd  /usr/sbin/vsftpd    |grep libwrap
    ldd  /usr/sbin/sendmail  |grep libwrap
    ldd  /usr/sbin/sshd      |grep libwrap

To Restrict a host/network  to control access to a Service.

1.  Using Hostname/Domainname

   vim /etc/hosts.deny
-> vsftpd  *       ->All hosts in denied to access ftp
-> vsftpd  ->Host server in denied to access

2.  Using  Ipaddress/Network

    vim /etc/hosts.deny
-> vsftpd    ->All hosts in 1.0 N/W denied.
-> vsftpd                  ->Host 1.4 denied.

3.  To  Deny all Except few.

    vim /etc/hosts.deny
->  sshd:ALL  EXCEPT     ->Any domain other than                                              are denied the Access to ssh.

4. To  Allow all Except few.

   vim /etc/hosts.allow
-> ALL  *  EXCEPT  * ->Any domain other than are allowed to access..

Both entries allow/deny can be given in either hosts.allow or hosts.deny file

If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!

No comments:

Post a Comment