[lug] hosts.deny not denying

gordongoldin at netscape.net gordongoldin at netscape.net
Wed Jan 31 11:06:53 MST 2007


 Saw something scary with hosts.
 
I configure servers in the office and then carry them out to the field.  
For security, I set hosts. like this: allow localhost, my VPN - 10..., and my environment.
(A)
/etc/hosts.deny
ALL: ALL
/etc/hosts.allow
ALL: localhost, 10.10.10., 128.138.
Every time I take a server out, I forget this, then get a message: "connection closed..."

Then I add the local environment (10.146.), and I can get in:
(B)
 /etc/hosts.deny
ALL: ALL
/etc/hosts.allow
ALL: localhost, 10.10.10., 128.138., 10.146.

This time, I re-used and upgraded the same server that was there before.  
And all the PCs could get to it.  
WITHOUT the new environment added..... see (A) above.

I am going directly from FC3 to FC5 and have seen a couple little weirdnesses, like not being able to access a gateway.
But all the other machines like this wouldn't respond until hosts.allow had the local environment.
 
Here is ifconfig:
eth0      Link encap:Ethernet  HWaddr 00:0C:F1:AA:24:EF  
          inet addr:10.146.130.250  Bcast:10.146.131.255  Mask:255.255.252.0
          inet6 addr: fe80::20c:f1ff:feaa:24ef/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:51939 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14030 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:4644340 (4.4 MiB)  TX bytes:3189579 (3.0 MiB)
          Base address:0xdf40 Memory:fcfe0000-fd000000 
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3162 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3162 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2353612 (2.2 MiB)  TX bytes:2353612 (2.2 MiB)
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.10.10.38  P-t-P:10.10.10.37  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:112 errors:0 dropped:0 overruns:0 frame:0
          TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:9830 (9.5 KiB)  TX bytes:9952 (9.7 KiB)
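
Added example (not part of the original post): a minimal Python model of the hosts_access(5) lookup order, run against configurations (A) and (B) from the message, to show which verdict the rule files themselves should produce for a 10.146. client. The client address 10.146.130.17 and the daemon name sshd are constructed assumptions, and only the pattern forms used in the post are handled.

```python
# Added example: minimal model of the hosts_access(5) decision order.
# Handles only the pattern forms used in the post: ALL, exact host names
# and numeric prefixes ending in "." (for example "10.146.").

def parse_rules(text):
    """Return [(daemons, clients), ...] for each 'daemons: clients' line."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, addr, name=None):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):            # "10.146." matches 10.146.x.x
        return addr.startswith(pattern)
    return pattern == addr or (name is not None and pattern.lower() == name.lower())

def decide(allow_text, deny_text, daemon, addr, name=None):
    """hosts.allow is searched first, then hosts.deny; no match grants access."""
    for verdict, source, text in (("allow", "hosts.allow", allow_text),
                                  ("deny", "hosts.deny", deny_text)):
        for daemons, clients in parse_rules(text):
            if any(d in ("ALL", daemon) for d in daemons) and \
               any(client_matches(c, addr, name) for c in clients):
                return verdict, source
    return "allow", "default"

DENY = "ALL: ALL"
ALLOW_A = "ALL: localhost, 10.10.10., 128.138."
ALLOW_B = "ALL: localhost, 10.10.10., 128.138., 10.146."

# Constructed inputs: the field PC address and the daemon name "sshd" are assumptions.
FIELD_PC = "10.146.130.17"

def report():
    return {
        "A field PC": decide(ALLOW_A, DENY, "sshd", FIELD_PC),
        "B field PC": decide(ALLOW_B, DENY, "sshd", FIELD_PC),
        "A VPN peer": decide(ALLOW_A, DENY, "sshd", "10.10.10.37"),
        "A no deny file": decide(ALLOW_A, "", "sshd", FIELD_PC),
    }

if __name__ == "__main__":
    for case, result in report().items():
        print(case, result)
```

Under (A) the model denies the 10.146. client through hosts.deny, and the last case shows the default grant that applies when no rule in either file matches, for example when hosts.deny is empty.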