/etc/hosts.allow and/etc/hosts.deny Two files are settings that control remote access by allowing or denying access to a service to Linux by a client of an IP or IP segment.
If the requested host name or IP is not included in the/etc/hosts.allow, then the TCPD process checks the/etc/hosts.deny. See if the host name or IP requested for access is included in the Hosts.deny file. If it is included, the access is denied, and if it is not included in the/etc/hosts.allow and is not included in the/etc/hosts.deny, then this access is also allowed.
:[:
Daemon list service Process list, such as Telnet service process name in.telnetd
Client list access control, which can write domain names, host names, or network segments, such as. trubolinux.com.cn or 192.168.1.
option options, which can be some commands or log files that you specify
Example: Hosts.allow
In.telnetd:.vpser.net
vsftpd:192.168.0.
sshd:192.168.0.0/255.255.255.0
The first line in/etc/hosts.allow Vpser.net said that only the hosts in the Vpser.net domain allowed access to the Telnet service, noting the point (.) in front of Vpser.net.
The second line in/etc/hosts.allow says that only users 192.168.0 this segment are allowed access to the FTP service, noting the point (.) at the back of 0.
The third line in/etc/hosts.allow says that only users 192.168.0 this segment are allowed access to the SSH service, and note that this cannot be written as 192.168.0.0/24. This is equivalent to the Cisco router type.
Add in/etc/hosts.deny:
sshd:62.75.214.93
sshd:203.215.252.189
sshd:219.143.200.169
sshd:60.12.193.134
sshd:201.83.220.44
sshd:c953dc2c.virtua.com.br
Sshd:gera125.server4you.de
To deny all of their access to SSH, Linux is also a strong gfw.