TEXT   105

Hosts.allow.txt

Guest on 14th September 2021 09:15:59 PM

  1. A good document to read before you start is the sample '/etc/hosts.allow' file. Before you
  2. start changing that file make sure you have a way to get into the system when you lock
  3. yourself out (e.g. ordinary keyboard/monitor access).
  4.  
  5. The '/etc/hosts.deny' file is depreciated bij FreeBSD and it is better (IMHO) to have all
  6. these rules in one file: '/etc/hosts.allow'.
  7.  
  8. Because of the size of the default '/etc/hosts.allow' file I always completely empty it.
  9. Then put in the line "ALL : ALL : DENY" . This wil block out everything. Now start
  10. allowing services, make sure the above line is the last one in the file, here are some
  11. examples:
  12.  
  13.   sshd : ALL : ALLOW                    allow ssh from everywhere
  14.   sshd : 192.168.1. 127.0.0.1 : ALLOW   allow ssh from localhost and the subnet 192.168.1
  15.   sshd : evil.crackers.org : DENY       deny ssh from evil.crackers.org
  16.  
  17.  
  18. So an example file would be something like this:
  19.  
  20.   sshd : ALL        : ALLOW
  21.   ftpd : 192.168.1. : ALLOW
  22.   ALL  : ALL        : DENY
  23.  
  24. There are alot more options to use, read the manpages to find out.
  25.  
  26.  
  27. MY HOSTS.ALLOW
  28.  
  29. sshd: 68.48. 68.49.  207.86.20.34       : ALLOW
  30. sshd: ALL       : DENY

Raw Paste


Login or Register to edit or fork this paste. It's free.