Copyright Disclaimer: During reprinting, please use hyperlinks to indicate the original source and author information of the article and this statement
Http://lnote.blogbus.com/logs/10183525.html
For network services that can be started through the xinetd program, such as FTP telnet, We can modify/etc/hosts. allow and/etc/hosts. deny configuration to permit or deny access to IP addresses, hosts, and users.
For example, we add
ALL: 218.24.129.
In this way, all customers from the 218.24.129. * domain are allowed to access the service. This is just an example. In fact, by default, the system can use these network servers.
If we add it to/etc/hosts. Deny, all IP addresses from the 218.24.129. * domain are restricted.
ALL: 218.24.129.
If we add
ALL: 218.24.129.134, which limits the access of all users in 218.24.129.134.
When hosts. Allow conflicts with host. Deny, the hosts. Allow settings are optimized.
After setting, restart
#/Etc/rc. d/init. d/xinetd restart
#/Etc/rc. d/init. d/network restart
Not any service program can use TCP_WRAPPERS. For example, use the command LDD/usr/sbin/sshd. If libwrap is in the output, TCP_WRAPPERS can be used, that is, the service can use/etc/hosts. allow and/etc/hosts. deny. It is unavailable if the output does not contain libwrap.