On Thu, Jan 10, 2002 at 03:41:37PM +0100, Davi Leal wrote: > Is It safe to delete the ALL:PARANOID line in /etc/hosts.deny to avoid the > below messages in /var/log/syslog? > > Jan 22 12:13:46 excalibur xinetd[254]: warning: /etc/hosts.deny, line 15: > can't verify hostname: gethostbyname(geicamdsl.easynet.es) failed > Jan 22 12:13:46 excalibur xinetd[254]: refused connect from 213.139.10.34 > -------------------- > /etc/hosts.deny > > # The PARANOID wildcard matches any host whose name does not match its > # address. > ALL: PARANOID
Why would you want to remove your first line of defence? Do you want the whole world to have access to the box in question? If a host does not match its IP, your system SHOULD deny it access. > -------------------- > /etc/hosts.allow > > sendmail: all > in.qpopper: all I would modify that "all" to the IP range which you use: in.qpopper: xxx.xxx.xxx.xxx/xxx.xxx.xxx.xxx I'm not an ISP or even a tech person so maybe someone else can get in on this and elaborate. Sam -- (Sam Varghese) http://www.gnubies.com Software industry: unique industry where selling substandard goods is legal and you can charge extra for fixing the problems. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
