
Access problem solved



I solved the problem shortly after posting, and then twice sent
private rather than list-directed explanations by accident.

As a listmember pointed out, the problem was in my hosts.deny file,
not hosts.allow.  Once I read the man page carefully I changed the
line to ALL: ALL and telnet/ftp/smtp were locked.

Oddly, this *didn't* lock http (port 80), though.  A quick check of
inetd.conf indicated that inetd doesn't handle http connections.  So
I edited boa.conf to only "listen" for connections from 127.0.0.1. 
(I only have a web server at all to handle dwww.)  Now all ports are
closed.

Interestingly, the scanner at www.gsr.com still shows my ftp, smtp,
and telnet ports as "open".  My tests indicate that one can connect
to the port, but not actually do anything before my host closes the
connection again.  

Someone suggested using IPCHAINS.  The thing is, my only goal is to
lock *everyone* outside my local LAN out, while trusting everyone
within 198.162.  If I need more complex rules, I will investigate
IPCHAINS.

Thanks to those who replied.
-- 
Carl Fink		carlf@dm.net
I-Con's Science and Technology Guest of Honor in 2000 will be Geoffrey
A. Landis.  See <http://www.iconsf.org> for I-Con information.
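
The "open" scanner result described in the message above is what a connect-style scan reports when inetd accepts the TCP connection and the wrapper then closes it for a denied client. As an added example (not part of the original post), this Python check tells a refused port, an accept-then-drop port and a serving port apart; the listeners on 127.0.0.1 are constructed stand-ins and all function names are hypothetical.

```python
import socket
import threading

def classify_port(host, port, timeout=2.0):
    """Return 'closed', 'accepts-then-drops' or 'serving' for one TCP port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:                      # refused, unreachable or timed out
        return "closed"
    with sock:
        try:
            data = sock.recv(128)        # banner, or b"" when the peer closes
        except socket.timeout:
            return "serving"             # held open, waiting for the client to speak
        except ConnectionResetError:
            return "accepts-then-drops"
    return "serving" if data else "accepts-then-drops"

def start_listener(banner):
    """Constructed stand-in on 127.0.0.1; banner=None mimics a denied client."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    def loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            if banner:
                conn.sendall(banner)
            conn.close()                 # a denied client gets only this close
    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]

def demo():
    """Classify three constructed local ports and return the verdicts."""
    ports = {"denied": start_listener(None),
             "allowed": start_listener(b"220 constructed banner\r\n")}
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(("127.0.0.1", 0))         # reserve a free port, then release it
    ports["closed"] = probe.getsockname()[1]
    probe.close()
    return {name: classify_port("127.0.0.1", p) for name, p in ports.items()}

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:8s} {verdict}")
```

Pointing `classify_port` at your own host from a machine outside the allowed range confirms whether wrapped services report `accepts-then-drops` rather than `serving`.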

