Hi there guys,
My question is realted to the Host allow and deny configuration.
Is there a way of allowing all in the host allow config?
I assume this would be the best setting if you wanted to be able to login from any machine none IP specific.
Also I have read that host deny is obsolete now. Is that correct?
Note:This may of been only in the distro of fluxbox that i was playing with.
Cheers in advance for any help guys.
Yup, leave /etc/hosts.allow and /etc/hosts.deny as empty files.
Not only obsolete but dangerous in that they can provide a false sense of security.
Use an iptables based firewall instead, I would strongly recommend firehol.
Sample config from a KVM host;
interface br0 public
server ssh accept src “$SECURE”
server snmp accept src “$MONITOR”
server icmp accept
client all accept
router public_router inface br0 outface any
Hopefully this is pretty readable / self-documenting …
[if you don’t understand this then (a) you don’t need a firewall or (b) you have some reading to do … ]