If I put the entry into /etc/hosts.deny, would it block all requests from that IP address to my machine (like iptables does), or would it only block access for some applications like SSH?
What entry are you putting in the file? – user9517 Dec 03 '15 at 07:42
This was my question, and I have got two good, useful answers. I tried some googling before but without particular success. – h22 Dec 03 '15 at 09:09
It might be what you wanted to know but that's not your question as written. – user9517 Dec 03 '15 at 09:43
2 Answers
Iain's Reading Manuals As A Service at your erm service ...
It depends
If you put
    ALL: 192.0.2.1, example.com
It will block access to ALL suitably compiled services for the listed hosts.
If you put
    sshd: 192.0.2.1, example.com
then access to sshd will be blocked for the listed hosts, providing the sshd has been suitably compiled.
For a service to take advantage of hosts.deny|hosts.allow, it has to be tcpwrapper aware; not all services are.
In general you can check to see if a service is tcpwrapper aware by looking for libwrap in the output of ldd for the binary, e.g.

    ldd /usr/sbin/sshd | grep libwrap
    libwrap.so.0 => /lib64/libwrap.so.0 (0x00007fae25ae7000)

so in this case sshd is tcpwrapper aware.

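The ldd check from the answer above, extended into a small audit (an added example, not part of either answer): it lists the daemon names used in hosts.deny-style rules and reports whether each matching local binary links libwrap. The function names and the sample rules are made up for illustration; continuation lines ending in a backslash are not handled.

```shell
#!/bin/sh
# Added example: which daemons named in hosts.deny rules can honour them?
# Real use: audit_rules < /etc/hosts.deny

# Succeeds if the ldd output on stdin lists libwrap (the TCP wrappers library).
links_libwrap() {
    grep -q 'libwrap\.so'
}

# Print the daemon names used in hosts.deny-style rules read from stdin.
# Rule format: daemon_list : client_list [: shell_command]
deny_daemons() {
    awk -F: '/^[ \t]*#/ { next }          # lines starting with # are comments
    NF >= 2 {
        n = split($1, d, /[ \t,]+/)       # names are separated by blanks or commas
        for (i = 1; i <= n; i++) {
            sub(/@.*/, "", d[i])          # drop the @host part of daemon@host
            if (d[i] != "") print d[i]
        }
    }' | LC_ALL=C sort -u
}

# Classify one daemon name: wildcard, not-found, wrapped or unwrapped.
classify_daemon() {
    case "$1" in ALL) echo wildcard; return 0 ;; esac
    bin=$(PATH="$PATH:/usr/sbin:/sbin"; command -v "$1" 2>/dev/null) ||
        { echo not-found; return 0; }
    if ldd "$bin" 2>/dev/null | links_libwrap; then
        echo wrapped
    else
        echo unwrapped
    fi
}

# Read rules on stdin, print one "name status" line per daemon.
audit_rules() {
    deny_daemons | while read -r name; do
        printf '%-10s %s\n' "$name" "$(classify_daemon "$name")"
    done
}

# Constructed sample rules, reusing the addresses from the answer above.
SAMPLE_RULES='# constructed sample
sshd: 192.0.2.1, example.com
httpd, vsftpd : 192.0.2.1
ALL: 192.0.2.1'

printf '%s\n' "$SAMPLE_RULES" | audit_rules
```

An `unwrapped` result means the binary itself does not link libwrap, so a hosts.deny rule for it only takes effect if the service is started through a wrapper such as tcpd; otherwise use the service's own access controls or a firewall.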
If you are talking about a standard Linux distro, then it depends on the application. The question being about port 80, I'd be inclined to answer no, as most webservers I'm aware of (most notably, Apache) are not compiled against the tcpwrapper library, which is what makes applications aware of hosts.{allow,deny} directives.
Webservers have, of course, their own way of shutting out unwanted clients. If you do not want to depend on app-specific methods, however, a low-level firewall (such as the mentioned iptables) is the surest way.
