Hi,
Under Linux it is easy to deny access to hosts
who want to attack a computer. One simply creates
a hosts.deny file in which you put the expression
ALL: ALL, which blocks all incoming requests.
However what is the equivalent under Windows?
Thanks.
In article <1110635807.510459.283550@g14g2000cwa.googlegroups.com>, Yef wrote:
>Under Linux it is easy to deny access to hosts
>who want to attack a computer. One simply creates
>a hosts.deny file in which you put the expression
>ALL: ALL, which blocks all incoming requests.
[compton ~]$ whatis hosts_access
hosts_access (3) - access control library
hosts_access (5) - format of host access control files
hosts_access [hosts] (5) - format of host access control files
[compton ~]$
You probably ought to re-read that man page, because your understanding
of /etc/hosts.allow and /etc/hosts.deny is totally wrong.
IF a service or protocol is _aware_ of tcp_wrappers or if it has been
compiled with libwrap, then the incoming connection will be tested
against conditions in /etc/hosts.allow. IF the connection is permitted
there OR if the service/protocol is not aware of tcp_wrappers or if it
was not compiled with libwrap, then the connection goes through. A NUMBER
OF SERVICES ARE NOT COMPILED WITH LIBWRAP OR ARE AWARE OF TCP_WRAPPERS.
ONLY IF a service or protocol is _aware_ of tcp_wrappers or if it has been
compiled with libwrap AND was not permitted in /etc/hosts.allow will the
rules in /etc/hosts.deny be inspected. If /etc/hosts.deny does have
the 'ALL: ALL' line (so highly recommended), only then will the connection
be dropped. Otherwise, it will be permitted.
Use the '/bin/netstat -tupan' command to see what ports you have open.
The use a decent scanner from a different computer (testing via loopback
on the same computer is misleading) to see how open those ports are.
Finally, read the Security-Quickstart-HOWTO to learn how this stuff works.
>However what is the equivalent under Windows?
Are you really expecting windoze to have anything related to security? Why
do you think there are all of these third party firewalls? Or do you really
think the "built-in" firewall in XP is worth more than two grains of salt?
Old guy
Post removed (X-No-Archive: yes)
Yef wrote:
> Hi,
>
> Under Linux it is easy to deny access to hosts
> who want to attack a computer. One simply creates
> a hosts.deny file in which you put the expression
> ALL: ALL, which blocks all incoming requests.
> However what is the equivalent under Windows?
>
> Thanks.
>
TCP/IP filtering under network properties.
It allows you to block/allow certain ports or protocols, but I've never
seen an option to specify src addresses or nw ranges.
E.