Re: hosts.deny

To: debian-user@lists.debian.org
Subject: Re: hosts.deny
From: Matt Zagrabelny <mzagrabe@d.umn.edu>
Date: Wed, 29 Mar 2006 10:41:11 -0600
Message-id: <[🔎] 1143650471.2960.79.camel@localhost.localdomain>
In-reply-to: <[🔎] 442AA227.8040505@haleprint.com>
References: <[🔎] 442AA227.8040505@haleprint.com>

On Wed, 2006-03-29 at 09:05 -0600, Jack Hale wrote:
> I am trying to block a whole subnet. (example 
> 100.100.100.0-100.100.100.255).
> in my /etc/hosts.deny file I have placed this as 
> 100.100.100.0/100.100.100.255.
> Is this the correct way to do this? I am using Shorewall for the 
> firewall. I am new to this. Sorry for the stupidity.
> Jack

hosts (allow|deny) are more of a layer7 packet filter. that is, it is at
the application level.

firewalls filter at layers 2 and 3 of the OSI model.

both methods work for restricting access to stuff, but they are
different, and that is important to understand.

-matt zagrabelny

Reply to:

References:
- hosts.deny
  - From: Jack Hale <jack@haleprint.com>

Prev by Date: Re: about mplayer
Next by Date: squirrelmail+uw-imapd broken
Previous by thread: Re: hosts.deny
Next by thread: Unofficial Debian GNU/Linux Repositories Overview
Index(es):
- Date
- Thread