T. Howell-Cintron wrote:
Alejandro Rodriguez Luna wrote:
Hi all!!
I just wanted ask about the security of services like ssh, dns, etc,
what is the best way to secure this services?, perhaps /etc/hosts.allow
and /etc/hosts.deny?, or perhaps with a superserver inetd or xined?,
what's the difference among those way to secure the system?
Although /etc/hosts.* is an easy method of restricting access to certain
services I'd suggest using IPTables to control who has access to what,
as it's universal and offers more granular control over your rules.
It should also be noted that applications must be compiled and linked
with tcpwrappers support if they are to use the /etc/hosts.* files.
iptables occurs at the kernel level, long before hosts.* could be
invoked anyway.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer ricks@xxxxxxxx -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- "People tell me I look at the dark side. That's not true. I have -
- the heart of a small boy......in a jar right here on my desk." -
- -- Stephen King -
----------------------------------------------------------------------
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
