Re: Wrappers

[Skip Carter <skip () taygeta com>]

> Using Xinetd set to use hosts.allow and hosts.deny (in particular), I
> have found on RedHat 7.x systems that using these files to regulate SSH
> connections works quite well.
>
> Adding to hosts.deny:
> ALL: ALL
>
> Will indeed stop SSH connections as well as everything else that uses
> these wrappers (least for me it does!)
>
> I add:
> SSHD:  Some.IP.Range. or.some.ip.address
>
> to hosts.allow and I get access once more.
>
> I may be far off base here - but it indeed works in my case. Give it a
> try. May work for you also. And possibly some kind soul can explain why
> SSH is regulated this way without being added to any conf file ...

  With the appropriate entry in inetd.conf or /etc/xinetd.d   SSH and
  httpd (at least Apache anyway) CAN be tcp_wrappered (regardless of
  the Linux distro).  BUT, in both of these cases there is a significant
  program startup overhead involved, so its really not a very good idea
  for these programs unless these startup delays can be tolerated in
  your network environment.
 

-- 
 Dr. Everett (Skip) Carter      Phone: 831-641-0645 FAX:  831-641-0647
 Taygeta Scientific Inc.        INTERNET: skip () taygeta com
 1340 Munras Ave., Suite 314    WWW: http://www.taygeta.com
 Monterey, CA. 93940            












_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users