Ssh and others compiled with tcpwrappers (Re: ssh without reverse DNS lookup)
On Mon, Mar 11, 2002 at 01:12:58PM +0100, Javier Coso Gutierrez wrote:
> You have in the "/etc/hosts.deny" this:
> ALL:PARANOID
That's exactly what I was thinking about.. many programs in
Debian are now compiled with the tcpwrappers library: ssh, portmap,
in.talk, rpc.statd, rpc.mountd, gdm, oaf (the GNOME
activator daemon), nessus and many others.
Are there any others people know of? (I included this same stuff
today in the Debian Security Manual CVS image)
Javi
PS: BTW tcpchk does not take this into account (I'm going to file a bug
now)
Reply to: