| Author |
Message |
|
|
|
Post subject: hosts.allow missing
 Posted: Jul 08, 2008 - 12:38 AM
|
|
Joined: May 20, 2008
Posts: 68
Location: AZ
Status: Offline
|
|
| I've read everything in the manual on ssh and its working great between my two computers. But for some reason hosts.allow and hosts.deny are missing in /etc. According to the manual I need to add the remote computers ip address here...... Where is it? and how is it working without it? I hate being a new "B".I tried reinstall open-ssh server and client also, no files. I have these files on the other mahine running mepis. |
Last edited by soulfly on Jul 12, 2008 - 10:26 PM; edited 1 time in total
|
| |
|
|
|
 |
|
|
|
Post subject: RE: hosts.allow missing
Posted: Jul 08, 2008 - 02:01 AM
|
|
Joined: May 20, 2008
Posts: 68
Location: AZ
Status: Offline
|
|
After some googeling, it looks like portmap is what creates this file. apparently ssh doesn't require portmap, because its working. The files are in mepis because I have FreeNX installed, which requires portmap. So, my question now is, if I just want to use ssh for remote access, do I need portmap? and what would be the advantage of having it installed? (if there is any). It sounded to me like portmap made things more vulnerable, and thats why you have to edit /etc/hosts.allow. http://www.vanemery.com/DAS/421-debian-30r2.html This is where I got my info, someone please inform me if I'm comprehending wrong.
Thanks in advance, Brian. |
|
|
| |
|
|
|
|
|
|
|
Post subject: RE: hosts.allow missing
Posted: Jul 12, 2008 - 10:25 PM
|
|
Joined: May 20, 2008
Posts: 68
Location: AZ
Status: Offline
|
|
| "tcpd" is actually the pacvkage that puts these files in /etc |
|
|
| |
|
|
|
|
|
|
|
Post subject: RE: hosts.allow missing
Posted: Jul 23, 2008 - 10:47 PM
|
|
Joined: Jul 22, 2008
Posts: 4
Status: Offline
|
|
| I would like to use hosts.allow and hosts.deny to help with brute force attacks. From what you write, it seems that all I have to do is install tcpd -- is that correct? |
|
|
| |
|
|
|
|
|
|
|
Post subject: RE: hosts.allow missing
Posted: Jul 24, 2008 - 11:27 PM
|
|
Joined: May 20, 2008
Posts: 68
Location: AZ
Status: Offline
|
|
All : All in hosts.deny will block everything. Then add the hosts in hosts.allow by ip address. I did this for ssh purposes on my LAN. As far as brute force attacks, it will help, but having your router or firewall configured properly will do more. If your wireless, and your ssid is broadcast for others to see, then someone could still retrieve your wep key or pass phrase with specific tools, alowing to use your internet connection. I hope this helps.
I'm actually in the proccess of trying to figure out how to use some of these tools to test and monitor my own network. |
|
|
| |
|
|
|
|
|
|
