Andrew,

I also have proftpd running but it was _not_ called from inet.conf. I added the line like you suggested. I also confirmed I have tcp wrappers installed. After that I nmap'd myself and I see several listings that are not in the inet.conf.. where can I turn these off?

111/tcp   open  Sunrpc
113/tcp   open  auth      <--- need that one?
515/tcp   open  printer
6000/tcp  open  X11

Additionally, I noticed that smtp is not called like ftp is with the /usr/sbin/tcpd first, it's just called /usr/sbin/exim.... does this mean that hosts.deny would not protect that port? (getting a little confused here)

Bill

----- Forwarded message from Pollywog <[EMAIL PROTECTED]> -----

Envelope-to: [EMAIL PROTECTED]
Date: Sun, 27 Aug 2000 01:58:25 +0000 (UTC)
From: Pollywog <[EMAIL PROTECTED]>
Subject: RE: Hosts.all/Hosts.deny vs. a firewall?
In-reply-to: <[EMAIL PROTECTED]>
To: William Jensen <[EMAIL PROTECTED]>
Reply-to: Pollywog <[EMAIL PROTECTED]>
Organization: The Pond
X-Mailer: XFMail 1.4.6 on Linux
X-Priority: 3 (Normal)

On 27-Aug-2000 William Jensen wrote:
> So far I have the following setup:
>
> hosts.deny:
>
> ALL:ALL
>
> hosts.allow:
>
> ALL: my_work.domain
>
> My intention is to prevent everyone from the 'outside' from reaching my box.
> I do realize that anyone in my_work.domain would also be able to get at it.
>
> It is my understanding that this will prevent anyone not in my_work.domain
> from getting to my box with telnet, ftp, etc. Is this correct? Is this
> secure? If this is indeed correct could someone tell me why I would
> need/want a firewall and/or what benefit it would provide me over what I
> already have setup? More specifically how does a firewall differ from using
> the hosts.allow/hosts.deny files as I described above.

/etc/hosts.deny will only prevent access to FTP, telnetd, etc. if you are using TCP Wrappers:

First make sure you have tcpd installed; it is TCP Wrappers.

Make sure your ftpd is called from /etc/inetd.conf something like this:

    ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/proftpd

That should all be on one line in /etc/inetd.conf. I am using proftpd but if you are using some other ftp daemon, such as in.telnetd, then put "in.telnetd" where I have "proftpd".

Any services that do not run from inetd must be protected by a firewall or turned off.

BTW if you are using apt-get, you can install tcpd with 'apt-get install tcpd'

--
Andrew

----- End forwarded message -----
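
The three cases the thread distinguishes (started by inetd through tcpd, started by inetd directly, not started by inetd at all) can be checked mechanically. The following is an added example, not part of either message: the function names, the sample inetd.conf text and the port-name table are assumptions constructed for illustration, and ports 21 and 25 are assumed open because the message discusses ftp and smtp.

```python
import os

# Constructed sample modelled on the two entries discussed in the thread;
# it is not the poster's real /etc/inetd.conf.
SAMPLE_INETD_CONF = """\
ftp     stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/proftpd
smtp    stream  tcp  nowait  mail  /usr/sbin/exim  exim -bs
#telnet stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.telnetd
"""

# Port-to-service names for the ports in the nmap listing, plus ftp and smtp
# (assumed open because the message discusses them).
PORT_NAMES = {21: "ftp", 25: "smtp", 111: "sunrpc", 113: "auth",
              515: "printer", 6000: "x11"}


def parse_inetd(text):
    """Return {service: server_path} for active (uncommented) inetd entries."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank or disabled entry
        fields = line.split()
        if len(fields) < 6:
            continue  # service, socket type, protocol, flags, user, server path
        entries[fields[0]] = fields[5]
    return entries


def audit(inetd_text, open_ports, port_names=PORT_NAMES):
    """Classify each open port by how (or whether) inetd starts its service."""
    entries = parse_inetd(inetd_text)
    report = {}
    for port in sorted(open_ports):
        server = entries.get(port_names.get(port))
        if server is None:
            # Standalone daemon: inetd.conf cannot put tcpd in front of it.
            report[port] = "not started by inetd"
        elif os.path.basename(server) == "tcpd":
            report[port] = "inetd via tcpd"
        else:
            report[port] = "inetd without tcpd"
    return report


if __name__ == "__main__":
    for port, status in audit(SAMPLE_INETD_CONF, PORT_NAMES).items():
        print(f"{port}/tcp  {status}")
```

A daemon built against libwrap consults hosts.allow and hosts.deny itself, so "inetd without tcpd" marks an entry to check rather than a confirmed exposure.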