Re: does Windows XP have a hosts.deny?

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 03/12/05


Date: Sat, 12 Mar 2005 09:40:01 -0600

In article <1110635807.510459.283550@g14g2000cwa.googlegroups.com>, Yef wrote:

>Under Linux it is easy to deny access to hosts
>who want to attack a computer. One simply creates
>a hosts.deny file in which you put the expression
>ALL: ALL, which blocks all incoming requests.

[compton ~]$ whatis hosts_access
hosts_access (3) - access control library
hosts_access (5) - format of host access control files
hosts_access [hosts] (5) - format of host access control files
[compton ~]$

You probably ought to re-read that man page, because your understanding
of /etc/hosts.allow and /etc/hosts.deny is totally wrong.

IF a service or protocol is _aware_ of tcp_wrappers or if it has been
compiled with libwrap, then the incoming connection will be tested
against conditions in /etc/hosts.allow. IF the connection is permitted
there OR if the service/protocol is not aware of tcp_wrappers or if it
was not compiled with libwrap, then the connection goes through. A NUMBER
OF SERVICES ARE NOT COMPILED WITH LIBWRAP OR AWARE OF TCP_WRAPPERS.

ONLY IF a service or protocol is _aware_ of tcp_wrappers or if it has been
compiled with libwrap AND was not permitted in /etc/hosts.allow will the
rules in /etc/hosts.deny be inspected. If /etc/hosts.deny does have
the 'ALL: ALL' line (so highly recommended), only then will the connection
be dropped. Otherwise, it will be permitted.

Use the '/bin/netstat -tupan' command to see what ports you have open.
Then use a decent scanner from a different computer (testing via loopback
on the same computer is misleading) to see how open those ports are.
Finally, read the Security-Quickstart-HOWTO to learn how this stuff works.

>However what is the equivalent under Windows?

Are you really expecting windoze to have anything related to security? Why
do you think there are all of these third party firewalls? Or do you really
think the "built-in" firewall in XP is worth more than two grains of salt?

        Old guy
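
The evaluation order described in the post above, as an added example that is not part of the original post: a simplified Python model of the hosts_access(5) decision. The function names, the uses_libwrap flag and the sample rules are constructed for illustration, and only the ALL wildcard, exact names, address prefixes ("192.168.1.") and domain suffixes (".example.com") are handled.

```python
"""Simplified model of the tcp_wrappers access decision (added example)."""

def parse_rules(text):
    """Parse 'daemon_list : client_list' lines into (daemons, clients) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def _match(pattern, value):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):        # address prefix, e.g. "192.168.1."
        return value.startswith(pattern)
    if pattern.startswith("."):      # domain suffix, e.g. ".example.com"
        return value.endswith(pattern)
    return pattern == value

def _listed(rules, daemon, client):
    return any(any(_match(d, daemon) for d in daemons) and
               any(_match(c, client) for c in clients)
               for daemons, clients in rules)

def decide(daemon, client, allow_text, deny_text, uses_libwrap=True):
    """Return the outcome and the reason, in the order the files are consulted."""
    if not uses_libwrap:             # service never looks at either file
        return "permit (files never consulted)"
    if _listed(parse_rules(allow_text), daemon, client):
        return "permit (hosts.allow)"
    if _listed(parse_rules(deny_text), daemon, client):
        return "deny (hosts.deny)"
    return "permit (no rule matched)"

# Constructed sample rule files, not taken from any real host.
ALLOW = "# hosts.allow\nsshd: 192.168.1.\n"
DENY = "# hosts.deny\nALL: ALL\n"

if __name__ == "__main__":
    print(decide("sshd", "192.168.1.20", ALLOW, DENY))
    print(decide("sshd", "203.0.113.9", ALLOW, DENY))
    print(decide("sshd", "203.0.113.9", ALLOW, ""))   # no ALL: ALL line
    print(decide("httpd", "203.0.113.9", ALLOW, DENY, uses_libwrap=False))
```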


