[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Difference between hosts.deny and ipchains DENY

Subject: Re: [cobalt-security] Difference between hosts.deny and ipchains DENY
From: Gerald Waugh <gerald@xxxxxxxxx>
Date: Mon, 21 Jan 2002 12:39:12 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Mon, 21 Jan 2002, loptson@xxxxxxxxxxxx wrote:
> What is the relationship between putting an entry into hosts.deny and adding a DENY rule in ipchains to the input chain?  What do they each block? Is one preferred over the other or is one more comprehensive in what it blocks?
> 

host.deny works for inetd processes (sshd, proftpd, qpopper) maybe a few more.
ipchains works at the kernel level. If you block with ipchains, it may save
some resources.

 --
Gerald Waugh
Registered Linux User 255245
register at http://counter.li.org

Follow-Ups:
- Re: [cobalt-security] Difference between hosts.deny and ipchains DENY
  - From: E.B. Dreger

References:
- [cobalt-security] Difference between hosts.deny and ipchains DENY
  - From: loptson

Prev by Date: [cobalt-security] Difference between hosts.deny and ipchains DENY
Next by Date: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
Previous by thread: [cobalt-security] Difference between hosts.deny and ipchains DENY
Next by thread: Re: [cobalt-security] Difference between hosts.deny and ipchains DENY

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index