Re: using tcpd to block ports?

From: J. Reilink (digiover_at_dsinet.org)
Date: 08/18/03 

Date: Mon, 18 Aug 2003 13:07:21 +0200

Shane T. Miller wrote:
> Can I use tcpd and hosts.deny to block specific ports from specific nets?
>
> Example /etc/hosts.deny
>
> ALL : 192.168.0.0:135

Yes, but it's better to deny ALL in /etc/hosts.deny, and allow only certain
hosts through /etc/hosts.allow (read both manpages). 

-- 
Met vriendelijke groet / Best regards,
Jan Reilink
		Dutch Security Information Network,
		http://www.dsinet.org

Relevant Pages

  • RE: IM Programs
    ... want to block these ports. ... you don't need an explicit deny for the other ports. ... Access-list 101 deny any tcp any any eq 5000 ... >Now, when applying these to your firewall, make sure the number ...
    (Security-Basics)
  • Re: Problem with Kerio - please help!
    ... > only problem I have is with kerio. ... Application Deny ... Run Active Ports to locate 'listening ports' and ... incoming TCP to them (except the Kerio listening ports, ...
    (comp.security.firewalls)
  • Re: CISCO ACLs.. Are there lists already out there to protect me from trojans and known bad sites?
    ... You want to DENY ALL, ... >> all ports and IPs, and then grant access to the ones you need. ... I setup a Linux server, installed Squid as a non-caching web proxy, ... affected by my automatic script. ...
    (Security-Basics)
  • RE: [fw-wiz] Problems logging denys on Cisco Routers?
    ... Has anyone else seen problems logging on Cisco Routers for deny ACLs? ... the UDP ports scanned and only 1% of the TCP ports scanned. ...
    (Firewall-Wizards)
  • Re: Which Ports to allow on Pix.
    ... but want to add a deny all at the end of our ... In order to do so we need to first iron out the ports we ... > I have the basics, FTP, WWW, SSL. ... > We are running a mail server, several web servers and a radius server ...
    (comp.security.firewalls)