Snort mailing list archives
Re: Wrappers
From: Skip Carter <skip () taygeta com>
Date: Tue, 06 Nov 2001 13:28:03 -0800
Using Xinetd set to use hosts.allow and hosts.deny (in particular), I have found on RedHat 7.x systems that using these files to regulate SSH connections works quite well. Adding to hosts.deny: ALL: ALL Will indeed stop SSH connections as well as everything else that uses these wrappers (least for me it does!) I add: SSHD: Some.IP.Range. or.some.ip.address to hosts.allow and I get access once more. I may be far off base here - but it indeed works in my case. Give it a try. May work for you also. And possibly some kind soul can explain why SSH is regulated this way without being added to any conf file ...
With the appropriate entry in inetd.conf or /etc/xinetd.d SSH and httpd (at least Apache anyway) CAN be tcp_wrappered (regardless of the Linux distro). BUT, in both of these cases there is a significant program startup overhead involved, so its really not a very good idea for these programs unless these startup delays can be tolerated in your network environment. -- Dr. Everett (Skip) Carter Phone: 831-641-0645 FAX: 831-641-0647 Taygeta Scientific Inc. INTERNET: skip () taygeta com 1340 Munras Ave., Suite 314 WWW: http://www.taygeta.com Monterey, CA. 93940 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Wrappers snortlst snortlst (Nov 06)
- Re: Wrappers james (Nov 06)
- Re: Wrappers snortlst snortlst (Nov 06)
- Re: Wrappers Chris Green (Nov 06)
- <Possible follow-ups>
- RE: Wrappers Kevin Brown (Nov 06)
- Re: Wrappers JPP (Nov 06)
- Re: Wrappers james (Nov 06)
- Re: Wrappers Skip Carter (Nov 06)
- Re: Wrappers JPP (Nov 06)
- RE: Wrappers Benjamin W. Ritcey (Nov 07)
- Re: Wrappers JPP (Nov 06)
- Re: Wrappers james (Nov 06)
- RE: Wrappers Wells, Kenneth L (Nov 06)
- RE: Wrappers Demetri Mouratis (Nov 06)
- Re: Wrappers snortlst snortlst (Nov 07)
- RE: Wrappers Chris Eidem (Nov 06)