Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Quoting PiotR (firstname.lastname@example.org):
> Having ALL: PARANOID in /etc/hosts.deny only causes problems and doesn't
> provide any special security. Its very annoing when you can't access some
> server because this. Or worse, the clients doesn't accept the server stuff.
You're right. it doesn't provide special security.
It providers very normal security; reasonable certainty that hosts
connecting to your services are 'sane' in the sense that they have both a
valid DNS entry, and a valid reverse DNS entry to match.
> I strongly believe that this should be removed in posterior releases of
> debian O.S ?what do you think?
I don't agree :)
(who thinks 'ALL: PARANOID' is the only thing /etc/hosts.deny is
encrypted mail preferred. finger email@example.com for my GnuPG/PGP key.
"There are two major products that come out of Berkeley: LSD and UNIX. We
don't believe this to be a coincidence." -- Jeremy Anderson