[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Re: RaQ550: Excluding TLDs from using FTP in hosts.alllow

Subject: [cobalt-security] Re: RaQ550: Excluding TLDs from using FTP in hosts.alllow
From: "Michelle A. Hoyle" <mahlist@xxxxxxxxxxxxx>
Date: Fri, 18 Apr 2003 23:41:44 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 18 Apr 2003 09:46:24 -0400

On Friday 18 April 2003 07:38, Michelle A. Hoyle wrote:

 Summary:
 How can I use "ALL EXCEPT" in hosts.allow to deny FTP access to
 certain top-level domains?

 Discussion:
 I've been trying to for ages to get this to work on both a RaQ4 and a
 RaQ550 for what seems like ages with no success.  In theory, I think
 the following should work in /etc/hosts.allow

 in.proftpd: ALL EXCEPT .fr, .de, .tw, .cn, .pl

 In practice, it doesn't seem to do anything.  Is there a better
 approach or am I just doing something incorrectly?


What do you have in /etc/hosts.deny?
These files work together,
Why not just; In /etc/hosts.deny
in.proftpd: .fr .de .tw .cn .pl

Or to make your s work, In /etc/hosts/deny
in.protpd: ALL

You don't need the ',' just a 'space' between entries

I didn't have anything in hosts.deny except sshd: ALL. I justthought I *should* be able to state it as a positive in hosts.allowand kept looking at tutorials and web pages about, and then tryingdifferent things.


Putting it into hosts.deny seems to work lovely, though.  Doh!

Thanks,

Michelle

Prev by Date: Re: [cobalt-security] Ipchains and dns - my firewall.
Next by Date: Re: [cobalt-security] Need to know default permissions and ownerships for cobalt CGI
Previous by thread: Re: [cobalt-security] Need to know default permissions and ownerships for cobalt CGI
Next by thread: [cobalt-security] Lists Down This Weekend

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index