[TriLUG] hosts.deny question?

Tue Mar 7 23:28:41 EST 2006

I have an Apache 2.0 server running www.havenstead.net
Needless to say I am being probed and intrusion attempts all the time. 
Especially from china and korea. I am trying to stop them. I would like to 
totally block them from accessing my server in any way. Someone suggested 
using .htaccess but that will only block that file. I want to stop them from 
ssh,ftp,etc.
      As I said,I am new at this. I dont know most of the terminology and 
basics. I have bought stacks of books and such but the way I learn is by 
doing. Setting up the server,security,different levels of access,php,perl, 
and so on. I have learned a lot but got a long way to go. When I have a 
problem that I am trying to solve,I dont know the "vernacular" or "format" 
of the different commands.
      I want the server to be secure with my being able to monitor it. But I 
hope to get a group of people on it regularly. I want to have the http 
server up,ftp,pop3 server when I am thru.
       I have another project I am looking into as well. I want to build and 
setup a dial-in server. Where another computer can dial-i (as you would do 
with your ISP) and the website will pull up. Something similar to the old 
message boards. Something with a message board layout that will be easily 
loaded. and a way for me to update files remotely (ftp?). This is mt next 
project that I have been looking into.

Thanks,
WA Brown


----- Original Message ----- 
From: "Owen Berry" <oberry at trilug.org>
To: "Triangle Linux Users Group discussion list" <trilug at trilug.org>
Sent: Tuesday, March 07, 2006 9:58 AM
Subject: Re: [TriLUG] hosts.deny question?


> What are you trying to accomplish here? Somebody said you should have
> tcp wrappers, but why? And was that for Apache, or the server in
> general?
>
> The server should have it by default, but you can check by running:
>
>  rpm -qi tcp_wrappers
>
> As far as I can tell (I looked on Fedora 3 and RHEL 4), Apache is
> probably not compiled to use tcp_wrappers. As Pat and Alan mentioned you
> can check by running:
>
>  strings /usr/sbin/httpd | grep hosts_access
>    - or -
>  ldd /usr/sbin/httpd | grep libwrap
>
> Assuming Apache's httpd binary is in the same place I have it.
>
> But, as I said, what are you trying to achieve. There are many
> experience sysadmins and power users on this list and somebody can
> probably help.
>
> Owen
>
> On Tue, Mar 07, 2006 at 03:00:29AM -0500, WA Brown wrote:
>> Someone said that the server should use tcp wrappers. How can I find out 
>> if
>> it does?
>>
>> WA brown
>> ----- Original Message ----- 
>> From: "Alan Porter" <porter at trilug.org>
>> To: "Triangle Linux Users Group discussion list" <trilug at trilug.org>
>> Sent: Monday, March 06, 2006 9:37 PM
>> Subject: Re: [TriLUG] hosts.deny question?
>>
>>
>> >
>> >>     I am new to this group and linux. I hope you tolerate another
>> >>"newbie". I have a server online at www.havenstead.net and am learning
>> >>how to do things with it every day. I am running Redhat9 with an Apache
>> >>2.0 server.
>> >>
>> >>This is what I have in the "hosts.deny" file. What have I got wrong?
>> >
>> >
>> >
>> >
>> >All of these lines are syntactically OK -->
>> >
>> ># protocol: IP address or wildcard
>> >smtp: 216.27.9.180
>> >sshd: 70.85.111.114
>> >ALL: 200.83.0.71
>> >ALL: .trilug.org
>> >ALL: 172.31.
>> >sshd: 31.2.18.0/24
>> >sshd: 185.16.21.0/255.255.255.0
>> >ALL: 192.168.*
>> >
>> >
>> >
>> >
>> >Alan
>> >
> -- 
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>