Home > linux > Linux: hosts.allow, hosts.deny - how do I allow all except hosts mentioned in hosts.deny

Linux: hosts.allow, hosts.deny - how do I allow all except hosts mentioned in hosts.deny

November 17Hits:1
Advertisement

How do I configure hosts.allow and hosts.deny to allow all connections from all hosts except for some hosts/ports specified in hosts.deny?

This is what I have now in these files:

hosts.allow:

ALL:ALL 

hosts.deny:

somehost:someport 

I want to allow all connections except for somehost:someport, but the above configuration does not work.

EDIT:

Well, I found out in this case hosts.allow should be an empty file, but it's still allowing connections on someport...

Answers

You've got it backwards.

It should be like this:

someport : somehost

The syntax is actually more expressive than this: the port and the hosts can be lists, and the port can instead be specified by daemon name instead of port number, for example. Your system ought to have documentation for the format of the file.

And you're right about hosts.allow, it should be empty as the default action is to accept.

You can also use the extended format described in hosts_options(5) and use /etc/hosts.allow only.

Related Articles

  • Linux: hosts.allow, hosts.deny - how do I allow all except hosts mentioned in hosts.denyNovember 17

    How do I configure hosts.allow and hosts.deny to allow all connections from all hosts except for some hosts/ports specified in hosts.deny? This is what I have now in these files: hosts.allow: ALL:ALL hosts.deny: somehost:someport I want to allow all

  • Azure Linux VM Captured, Built from image. Different password or key for new VM: permission denied?January 28

    I followed How to Capture an Image of a Virtual Machine Running Linux to capture a VM image, after installing the packages I wanted on top of Ubuntu 12.04 LTS. I turned off the machine following a waagent -deprovision and Captured the image. When I h

  • Block all IP except few in Windows Firewall September 12

    Multiple windows firewall rules are ANDed together or ORed? Background: I have a SQL database server running on a public cloud virtual machine. I have configured allow connection inbound rule in windows firewall for my trusted IPs and need to block a

  • What is the difference between securing a linux box using hosts.[allow|deny] vs iptables?August 5

    As the title states, I have a linux box. As far as I can tell I can use hosts.allow / hosts.deny or iptables to secure. What's the difference? Is there another mechanism that can be used? --------------Solutions------------- IPTables works at the Ker

  • Linux Password expired , getting Access Denied messageDecember 8

    A very good day to all of you out there . Generally i would be connecting to Remote Linux Machine using my Username and Password , few days back i got a message saying my Password would expire within 5 days , anyway i have ignored it and didn't pay a

  • How to terminate Cisco Virtual Tunnel Interface with Linux?May 29

    I am trying to replace a Cisco router with a GNU Debian/Linux router. This Cisco router terminates a VPN connection that was setup using VTI. Could someone please help me what software and configuration to use on Debian? This is a summary from the wo

  • Hide files in Linux without using the dotNovember 21

    I wish to hide files in Linux without using the dot, since it's possible in Windows. Is there a way to do this? --------------Solutions------------- You cannot. There is a fundamental difference in the way the file systems handle hidden settings. In

  • Trying to install ADB on Ubuntu, permission deniedJune 8

    When I tried to install ADB through the terminal on Ubuntu, it told me "permission denied": ~/android-sdks/tools/ $ ./android bash: ./android: Permission denied ~/android-sdks/platform-tools/ $ ./adb devices bash: ./adb: Permission denied Can an

  • Permission Denied for FTP UserJune 29

    I have an FTP user whose default is /root/ftpuser This user can login fine. The user is the owner of the directory & the directory is even set to 777 permissions. But the user can't upload anything, the display is: Status: Connecting to xx.xxx.xxx.xx

  • tcpdump: out.pcap: Permission deniedFebruary 14

    [[email protected] ~]# cat /etc/issue Fedora release 17 (Beefy Miracle) Kernel \r on an \m (\l) [[email protected] ~]# uname -a Linux localhost.localdomain 3.6.10-2.fc17.i686 #1 SMP Tue Dec 11 18:33:15 UTC 2012 i686 i686 i386 GNU/Linux [[email protected] ~]#

  • How to use easy_install on linux terminal?July 31

    I am installing py2exe using easy_install. here is what I typed: easy_install py2exe I am using linux mint cinnamon 15. This is what I get, though: [Errno 13] Permission denied: '/usr/local/lib/python2.7/dist-packages/test-easy->install-3460.pth' The

  • IPs in hosts.deny only block sshJanuary 7

    I am running a small server where I want to block some special IPs using /etc/hosts.deny. If I make an entry like ALL: <IP> only the ssh service will be blocked for IP. All the others services like ftp, http etc. are still reachable by IP. Doesn't t

  • Permission denied when trying to install Adobe AirMay 19

    I'm trying to install Adobe air 2.60 on Sabayon Linux with 3.12 kernel. When I tried to execute installer, I get "permision denied" error from execvp. [email protected] Adobe/ $ ls -al drwxrwxrwx 2 dzar dzar 4096 05-23 02:39 . drwxr-xr-x 20 dzar dzar 12

  • root + crontab : permission denied October 24

    This question already has an answer here: How do I deal with a compromised server? 13 answers I'm using Debian 6, all patched up, but when I try to access crontab as root, I just get a permission denied: [email protected]:~# crontab -e -bash: /usr/bin/cron

  • Permission denied to resize filesystemJanuary 27

    Im attempting to resize a filesystem on a mulipathed volume that I've grown, rescanned all the disks, and resized the multipath map. # resize2fs /dev/mapper/my_vol resize2fs 1.43-WIP (20-Jun-2013) Filesystem at /dev/mapper/my_vol is mounted on /var/l

  • Locally deny login to users authenticated via LDAPFebruary 24

    I have a RedHat Linux server that are is use for more than 1000 users Users names are coming to the server via LDAP protocol, so login authentication is from the LDAP My question: is it possible to block user login on the local machine, while users n

  • Windows cannot access disk mounted on linux bootApril 9

    I do have a NTFS files partition that I use both in linux (LXLE 14.04 which is Lubuntu based) and windows (8.1). While back, I added and entry in /etc/fstab in order to mount the files partition during boot as follows: UUID=5C8717AD70D2762B /media/fi

  • Unlocking all ports in a router when using LinuxJuly 24

    I heard that Linux's open ports are not very vulnerable, so a normal desktop Linux installation doesn't need a firewall. Still, my router (Dlink) blocks some ports, even in LAN. Would it be a bad idea to unblock all the ports in my router? ----------

  • can't echo in terminal "bash: /etc/odbcinst.ini: Permission denied" January 21

    This question already has an answer here: sudo echo "something" >> /etc/privilegedFile doesn't work- is there an alternative? 9 answers running a command as a super user from a python script 4 answers I have a large setup program that save

  • Is there a Windows or Linux equivalent of Soulver calculator application?

    Is there a Windows or Linux equivalent of Soulver calculator application? March 15

    I've just been shown a brilliant calculator app called Soulver which is only available on Mac OS X Maths on a Mac as it should be Soulver is a new kind of calculator application which uses a simple yet powerful word-processor style interface instead

Copyright (C) 2017 ceus-now.com, All Rights Reserved. webmaster#ceus-now.com 14 q. 0.451 s.